Ask a Question

Advanced Search

Solution ID : SO7140

Last Modified : 05/17/2019

How to install a renewal certificate on a temporary site and assign it to the production site in Microsoft IIS 5 or IIS 6


This document provides instructions for installing Certificates into IIS 5.0 and 6.0 assuming you generated the CSR on a temporary website using the following solution: SO1552. If you are unable to use these instructions for your server, DigiCert recommends that you contact Microsoft.
This solution contains two Methods to install your SSL Certificate:

Method 1: Installing the certificate received via e-mail.
Method 2 (recommended): Installing the certificate downloaded from the Trust Center account.


Method 1: Download and Install SSL certificate sent via e-mail
Step 1: Obtain the SSL certificate sent via email:
        Your certificate will be sent via email. The certificate is imbedded in the body of the email.
        Copy the SSL certificate and make sure to copy the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- header and footer.
        Ensure there are no white spaces, extra line breaks or additional characters.
        Use a plain text editor such as Notepad, paste the content of the certificate and save it with extension .txt 

        NOTE: If you selected Microsoft IIS  5.0 or above during enrollment, continue with the installation from here.

        If you are not sure which server software was selected during the enrolment, proceed with Step 2 bellow.
Step 2: Download and Install the Intermediate CAs:
        To download and install the Intermediate CAs follow the steps from this link: SO13415
Step 3: Install the SSL certificate:
        To proceed with the installation steps for your SSL certificate on a temporary website click here.
Method 2: Download and Install SSL certificate in PKCS#7 format
Step 1: Download the SSL certificate from Trust Center account:

         Download the certificate from Trust Center by following the steps from this link: SO8061.

         Make sure you download the certificate in PKCS#7 format and save it with the extension .txt or .p7b.

Step 2: Installing the certificate onto the temporary web site

  1. Open the Internet Services Manager (IIS):
  2. Click Start
  3. Select All Programs
  4. Select Administrative Tools
  5. Choose Internet Information Services (IIS) Manager
  6. Under Web Sites, right-click your temporary web site and select  Properties.
  7. Click the Directory Security tab.
  8. Under Secure Communications, click Server Certificate
  9. The Web Site Certificate Wizard will open, click Next.
  10. Choose Process the Pending Request and Install the Certificate, then click Next
    NOTE: The pending request must match the response file. If you deleted the pending request in error you must generate a new CSR and replace this certificate.
  11. Select the location of the certificate response file, and then click Next.
  12. Read the summary screen to be sure that you are processing the correct certificate and then click Next.
  13. Click Finish to exit the Wizard.

Step 3: Applying the certificate to the production web site

  1. Right-click on the production site and select Properties.
  2. Select the Directory Security tab.
  3. Under the Secure Communications section, click Server Certificate.
  4. On the Web Site Certificate Wizard, click Next.
  5. Select Replace the current certificate and click Next.
  6. Select the certificate from the list that was installed on the temporary site and click Finish.
  7. Be sure to assign your site an SSL port (443 by default).
  8. Stop and Start the Web server prior to any testing.
    NOTE: In some cases the changes may not take place after restarting IIS Services and a re-boot is needed.

Step 4:  Verify certificate installation

         To verify the SSL certificate installation, use the DigiCert SSL Tools.

        The server is now setup to use the new certificate. For more information, see Microsoft Article 295281.

Additional Notes:

         If you do not specify an IP address when installing your SSL Certificate, the same ID will be used for all virtual servers
         created on the system.
         If you are hosting multiple sites on a single server, you can specify that the ID only be used for a particular server IP address.

Microsoft Support
          For more information, contact Microsoft.