Move or transfer certificates to another server

In a migration scenario, one of the key steps is to ensure that you keep your trusted SSL certificate. Self-issued certificates which were common in SBS2003 cannot be moved. However, you might need to retain the existing SBS2008 certificate when migrating to a new server.

To export a trusted certificate:

  1. On the Source Server, click Start, click Run, type mmc.exe, and then press ENTER.
  2. On the console, click File, and then click Add/Remove Snap-in.
  3. Click Add, choose Certificates from the list, click Add again, and then click OK.
  4. On the pop-up window, click Computer Account, click Finish, and then click OK.
  5. Expand Certificates, expand Personal, and then click Certificates.
  6. Right-click the certificate that is issued to your Web site (for example: remote.contoso.com), and then click All Tasks, and then click Export.
  7. In the Certificate Export Wizard, click Next.
  8. Ensure Yes, export the private key is selected, and then click Next.
  9. Ensure Include all certificates in the certificate path if possible and Export all extended properties are selected, and then click Next. Do not select Delete the private key if the export is successful.
  10. Type a password to protect the certificate file, and then click Next.
  11. Choose a location to save the .pfx file (for example, C:\trustedcert.pfx), and then click Next.
  12. Finish the wizard.

Transfer this .pfx file to the new server. To import the trusted certificate:

  1. On the Destination Server, click Start, type mmc.exe, and then press ENTER.
  2. On the console, click File, and then click Add/Remove Snap-in.
  3. Choose Certificates from the list, and then click Add.
  4. On the pop-up, select Computer Account, click Finish, and then click OK.
  5. Expand Certificates, expand Personal, and then click Certificates.
  6. Right-click Certificates, click All Tasks, and then click Import.
  7. On the Certificate Import Wizard Welcome page, click Next.
  8. Browse to the location of the saved .pfx file, and then click Next.
  9. Type the password that you typed in the Export procedure, ensure that Mark this key as exportable and Include all extended properties are selected, and then click Next.
  10. Ensure that the certificate will be imported to the Personal folder, and then click Next.
  11. Finish the wizard.

Once the trusted certificate has been imported to the new server, you can run the Add a Trusted Certificate wizard, and select the installed certificate.

For more information, refer to the following Technet article – http://technet.microsoft.com/en-us/library/cc527486(WS.10).aspx

Leave a Reply

Your email address will not be published. Required fields are marked *

Solve the Equation to continue * Time limit is exhausted. Please reload CAPTCHA.