Forum Discussion
Frankie1969
Jan 13, 2022Copper Contributor
Install ssl certificate on windows server 2012 R2
I would install a SSL certificate on Windows Server 2012 R2.
I received from SSL/provider 4 files:
- mydomain.company.it.csr
- mydomain.company.it.key
- mydomain_company_it_cert.cer
- mydomain_company_it_interm.cer
In IIS i have installed "mydomain_company_it_cert.cer" choosing "Complete Certificate Request".
In this way i can't see certificate from dropdown list when i am trying to binding in IIS.
I have tried to run "certutil -repairstore my xxxxxxxxxxx" but i am constantly prompted for smart card.
This article it doesn't help much , the hot-fix has been removed.
I read this thread but i don't know if have to generated .CSR again at first point of reply.
Any thoughts on how to bypass the smart card and get the repair to complete are appreciated
- Yes, importing a pfx file gives you a certificate with the private key. (The key sign will be shown then in the certificate store) Perhaps the person who gave you the files can convert his files into a a pfx file using openssl tooling.
- 1. The Certificate Signing Request
2. The private key
3. The Root CA for the certificate I guess?
4. The intermediate CA for the certificate
What did you give to the SSL Provider? Only the request I presume. did you create the csr yourself using IIS? If so, then I don't know where you got the key file from? Usually the SSL provider gives you a bundle back with the root and intermediate and a cer file which you can use to complete the request (You should see the certificate in the Computer/Personal certificate store on that server- Frankie1969Copper ContributorAll the files were provided to me by the person who handled the request (an administrative).
I didn't create the .csr file with IIS.
In IIS as written i have installed "mydomain_company_it_cert.cer" choosing "Complete Certificate Request".
Yes, i can see the certificate in the Computer/Personal certificate store (with name mydomain.company.it) but if i double click on it, icon does not contain the "key image".
The certificate has not a private key.
Thanks for your time.- Complete certificate request is something you can do only when you created the request in IIS yourself. Since someone else did that for you, they have all the data
You need a pfx file from that person, without it you will never have a certificate in your store to use within IIS