How to Renew your Expiring SSL Certificate for IIS 5/6
Generate a New CSR in the Utility
-
Download the Certificate Management Tool and run it on your IIS 5/6 server with the expiring certificate.
-
Select your SSL Certificate that's expiring and click Create CSR.
-
Click Yes to 'import the attributes from the current certificate into the new CSR'.
-
Click the Copy CSR button.
-
Log into your account, click '+' next to your order number, then click Renew and fill out all of the details and paste your CSR into step 2 of the order process.
Import the Certificate with the Utility
Once your renewal certificate order has been validated and issued, you will need to use the Certificate Management Tool to import the file to your Microsoft Server.
-
Run the Certificate Management Tool (DigiCertUtil.exe).
-
Click the Import button and find your_domain_com.cer, and choose Next.
-
For 'Friendly Name' enter an alias for this SSL Certificate to help you keep track of it in the future and press Finish.
Replace the Old Certificate in IIS
-
Open Internet Information Services Manager (IIS) by clicking Start > Administrative Tools > Internet Information Services (IIS) Manager.
-
Right click on the website you are assigning the SSL certificate onto and choose Properties.
-
Go to the Directory Security tab and click Server Certificate.
-
When given the choice to Remove, Replace or Renew the current certificate, choose Replace and click Next.
-
Select the certificate that was just installed with the certificate management tool and click through the wizard until it is completed.
Next configure IIS to start using the new certificate is assign the certificate in IIS following the instructions below.
Check Your SSL Installation
Go to www.digicert.com/help and enter the DNS name of the site you are securing to test your certificate (e.g. www.yourdomain.com, or mail.yourdomain.com) to verify the installation is correct and the expiration date shows the renewed certificate.