Renew a SSL Certificate in Microsoft IIS7
To start the certificate-renewal process for IIS 7 Web servers, first generate a new Certificate Signing Request (CSR) for the renewal request.
Generate a CSR
- Click the Start and click Administrative Tools.
- Click the Internet Information Services (IIS) Manager menu item.
- Select the server that you wish to secure in the left panel.
- Double-click the Server Certificates icon (located in the IIS area).
- Select the certificate you wish to renew and right-click and select the Renew item in the popup menu.
- Select the Create a renewal certificate request radio button in the first page of the Renew an Existing Certificate wizard.
- Specify the file name to be used to save the CSR.
- Open the generated CSR file; then, using a plain-text editor, such as Windows Notepad, copy and paste the CSR into our online certificate renewal form.
- We will initiate the processing of your renewal request.
Once your renewed SSL certificate has been signed and issued, we will send you an email message that allows you to download the signed certificate and our intermediate certificate bundle, both of which must be installed on your Web site.
NOTE: You must use the provided certificate-download link within 30 days of receiving the certificate-issuance email message. If the download link is allowed to expire, you must request a certificate re-key in order to retrieve your signed SSL certificate.
Before you install your issued SSL certificate you must download and install our intermediate certificate bundle on your Web server. You may also download the bundle from the repository. Once you have downloaded and saved the certificate bundle, follow these instructions to install it.
Installing Intermediate Certificate Bundle
- Type mmc in the Start search box after pressing the Start menu to start the Microsoft Management Console (MMC).
- In the Management Console, select File then Add/Remove Snap In.
- In the Add or Remove Snap-ins dialog, select Certificates then click the Add button.
- Choose Computer Account then click Next.
- Choose Local Computer, then click Finish.
- Close the Add or Remove Snap-ins dialog and click OK to return to the main MMC window.
- If necessary, click the + icon to expand the Certificates folder so that the Intermediate Certification Authorities folder is visible.
- Right-click on Intermediate Certification Authorities and choose All Tasks, then click Import.
- Follow the wizard prompts to complete the installation procedure.
- Click Browse to locate the certificate file. Change the file extension filter in the bottom right corner to be able to select the file. Click Open after selecting the appropriate file.
- Click Next in the Certificate Import Wizard.
- Choose Place all certificates in the following store; then use the Browse function to locate Intermediate Certification Authorities. Click Next. Click Finish.
NOTE: If the StarfieldClass 2 Certification Authority root certificate is currently installed on your machine you will need to disable it from the Trusted Root Certification Authorities folder.
- Expand the Trusted Root Certification Authorities folder
- Double-click the Certificates folder to show a list of all certificates.
- Find the StarfieldClass 2 Certification Authority certificate.
- Right-click on the certificate and select Properties.
- Select the radio button next to Disable all purposes for this certificate.
- Click OK.
Install an SSL Certificate
- Open the Administrative Tools menu (click on Start; select Administrative Tools).
- Select the Internet Information Services (IIS) Manager menu item.
- Select the computer that you wish to secure in the left panel.
- Double-click the Server Certificates icon (located in the IIS area).
- Select the desired certificate and right-click and select the Renew item in the popup menu.
- Select the Complete certificate renewal request radio button on the first page of the Renew An Existing Certificate wizard and press the Next button.
- Enter the name of the certificate file you downloaded from the link in the email.
- Click Finish.