Entrust Certificate Services Support Knowledge Base

Audience: General
Last Modified: 2009-10-21 08:51:16.0

TN 7905 - How do I recover the private key of a SSL certificate in an IIS environment?

Question
How do I recover the private key of a SSL certificate in an IIS environment?

Answer:
You must first meet the following conditions:
 - The certificate signing request (CSR) was generated from the server you installed the certificate into.
 - The certificate is installed into the certificate store.

If these conditions are met you can do the following:
1. Open Microsoft Management Console and add the Certificates snap-in by clicking Start > Run, and entering mmc.exe.
2. Double-click the imported certificate that is in the Personal folder.
3. Click the Details tab.
4. Click Serial Number in the Field column, highlight the serial number, and then write it down.
5. Open a command prompt and enter the following command:
    certutil -repairstore my <Serial Number>
    Where <Serial Number> is the serial number that you wrote down earlier.
6. In the Certificates snap-in, right-click Certificates, and then click Refresh. The certificate now has an associated private key.

Affected Products:

• Entrust Certificate Services 1 Year Advantage SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable