Installing Manual Wildcard Cert renewal on IIS


#1

My domain is: ccarlin.com

My web server is (include version): IIS 10

The operating system my web server runs on is (include version): Windows 10

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I renewed my certificate manually (via a VirtualBox Linux instance) and now want to renew the installed certificate on my IIS server (also used for email). How do I update the existing certificate? I have tried going through IIS and installing or renewing with the pfx file, and it doesn’t seem to do anything.


#2

Hi @ccarlin

What have you tried?

You must load the certificate in the Machine Certificate Store (under Webhosting). Not in the Personal Store.

If the certificate is in the correct store, it’s only one click to select the new certificate.


#3

PS: This

https://transparencyreport.google.com/https/certificates/8syrczmarlprBmO5nDGne7v4nG3UU234HsV%2FPxUVd0I%3D

looks like you have created a wrong wildcard certificate.

You should have a certificate with two domain names:

*.ccarlin.com
ccarlin.com

Because *.ccarlin.com doesn’t work with ccarlin.com, but you should have an https binding with ccarlin.com.


#4

Yeah, I found that out (missing ccarlin.com) a little too late after creating the initial certificate. I have kind of worked around it via some redirection on my website, but it is a royal pain.


#6

Turned out I copied the old pfx file that I created the first time I generated the certificate, not the new one I just created with openssl (was pulling from the wrong directory), which is why nothing was happening when I installed it, since it was already installed. So user error.
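
A pre-import check for the two problems raised in this thread (a stale pfx that is already installed, and a wildcard certificate missing the bare domain), followed by the import into the Web Hosting machine store. This is an added example, not code posted by anyone in the thread; the pfx path is a hypothetical placeholder, and selecting the new certificate in the site's https binding is left to IIS Manager as described in post #2.

```powershell
#Requires -RunAsAdministrator
# Added example. $PfxPath is a hypothetical location; adjust to where the renewed pfx was copied.
param(
    [string]$PfxPath = 'C:\certs\renewed\ccarlin.pfx',
    [string[]]$ExpectedNames = @('*.ccarlin.com', 'ccarlin.com')
)

$store    = 'Cert:\LocalMachine\WebHosting'   # machine store shown as "Web Hosting" in IIS Manager
$password = Read-Host -Prompt 'PFX password' -AsSecureString

# Read the pfx without installing anything, so it can be inspected first.
$pfx = Get-PfxData -FilePath $PfxPath -Password $password
$new = $pfx.EndEntityCertificates | Select-Object -First 1
if (-not $new) { throw "No end-entity certificate found in $PfxPath" }

"File       : $PfxPath (modified $((Get-Item $PfxPath).LastWriteTime))"
"Thumbprint : $($new.Thumbprint)"
"Valid      : $($new.NotBefore) to $($new.NotAfter)"

# Stale-file check: if this exact certificate is already in the store,
# importing it again changes nothing and IIS keeps serving the old one.
$installed = @(Get-ChildItem -Path $store)
if ($installed.Thumbprint -contains $new.Thumbprint) {
    throw "This certificate is already installed. $PfxPath is probably the old pfx, not the renewed one."
}

# A renewed certificate should expire later than anything already installed.
$latest = $installed | Sort-Object NotAfter -Descending | Select-Object -First 1
if ($latest -and $new.NotAfter -le $latest.NotAfter) {
    Write-Warning "The pfx expires $($new.NotAfter), not later than the installed $($latest.Thumbprint)."
}

# Name check: a wildcard name does not cover the bare domain, so both must be listed.
# DnsNameList is a property PowerShell adds to certificate objects.
$missing = $ExpectedNames | Where-Object { $new.DnsNameList.Unicode -notcontains $_ }
if ($missing) {
    Write-Warning "Certificate does not cover: $($missing -join ', ')"
}

# Import with its private key into the machine store, then print what was installed.
Import-PfxCertificate -FilePath $PfxPath -CertStoreLocation $store -Password $password |
    Format-List Subject, Thumbprint, NotAfter
```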