So after pounding my head against the wall trying to update the wildcard cert to each of our web servers that needed it, I wanted to cause bodily harm to the team in charge of IIS 7.0. Turns out that when you install a certificate, if you haven’t done the trust chain correctly (or something like that – I never got it to work “the right way”), it just disappears without an error message.
How does the
lazy efficient sysadmin get around this without having to learn things? Simple! The instructions given worked fine on the server that actually made the request. From there, export the certificate and import everywhere else, instead of trying to install and set up the trust chain through mmc.
Steps for the simple:
1. Go to where your initial cert is installed in IIS.
2. Select “export.”
3. Put it someplace. Anyplace. I don’t care.
4. Go to your secondary server.
5. Go to IIS manager -> SSL Certificates.
6. Import. Select wherever you put it.
7. Set your bindings (navigate to the site in IIS, click “bindings” on the right, select your new cert from the dropdown).
8. Take a minute to angrily blog about it.
9. Go back to what you actually needed to work on before, but had to drop because the certs are all expiring tomorrow.