Install Config Wiki

All about installing, configuring and troubleshooting

User Tools

Site Tools


Install a renewal SSL Server Certificate for Exchange 2010 OWA in default website on Windows Server 2008 R2

So, namecheap send you an email to remind you that your SSL certificate is about to expire for your Exchange Server 2010 that was installed in IIS on your Windows Server 2008 R2 O/S, and you recall buying a certificate at for multiple years, but Sentigo will only issue a certificate that expires in one year at a time. So, at Namecheap, in order to issue or reissue the next year's SSL certificate, you may again use the same Certificate Signing Request (CSR) encrypted text that you had generated the prior year when ordering the original SSL certificate (although using the same CSR it is not recommended from a security standpoint). Sentigo (formerly Comodo) will only issue certificates which last (expire in) one year, even though you may purchase multiple years in advance to get the deep discount. Namecheap sells these Sentigo certificates and reissues a new one year certificate when the previous one year certificate is about to expire. You can expose the old CSR text at Namecheap by selecting your domain and click the button for Manage Product, and clicking re-issue. Click the text link to expose the original CSR text, and then copy the original CSR text into your windows clipboard, click Re-issue button, and insert/paste the CSR text into the input text box, and then continue. Follow the instructions for how to confirm you are the owner of the domain or the person who controls the domain for which the certificate will be installed. It is suggested that you use email confirmation. Click the confirmation link in the email that you receive from namecheap or Sentigo.

Sentigo issues the certificate (cert.crt) for your website via email in a zip file. Save to your hard disk and extract the files. Ignore the “bundle” file as that is for Linux distros with apache or nginx webserver installed. After extracting the ZIP file, you will be using the certificate.crt file.

Installing the newly issued SSL certificate in IIS

Open IIS internet information services on Windows 2008 R2. Select the server name at the upper left of the Microsoft management console snap-in. In the Middle window, Double Click to Select the “Server Certificates” icon. In the far right pane, click the text link “Complete Certificate Request.” In the popup property page, click … to Browse for the cert.crt file that you extracted from Sentigo's email to your server's hard drive. You may need to switch the file filter to *.* for all files to see and select certificate.crt. Enter a friendly name for the Server name of the Certificate such as and submit to continue.

While in IIS, expand sites and select the default website. Select Bindings on the far right pane. Select the entry for SSL Port 443 binding and use the dropdown box to select the friendly name of the newly issued SSL certificate. Click ok, or apply, ok whatever the button name is.

You may or may not need to restart IIS service for the certificate change to take effect.

install_renewal_ssl_server_certificate_iis_windows_2008_r2.txt · Last modified: 2021/12/06 18:21 by wikiadmin