Entrust Datacard

Entrust Certificate Services Support Knowledge Base

Last Modified: 2017-04-18 15:13:18.0

How do I back up and restore SSL certificate and its associated private key in IIS 7?

Article Number: 46321

User-added image

How do I back up and restore my SSL certificate and its associated private key in Microsoft IIS 7?

Skip to steps

NOTE: These instructions apply to the following server types:
Microsoft IIS 7
Microsoft Exchange 2007 (Windows Server 2008)
Microsoft Exchange 2010
Microsoft Office Communications Server 2010


It is highly recommended that you back up your server certificate in a secure location. This will allow you to re-import your certificate and private key in case the original becomes corrupted.

This process is in three parts:
1) Open Microsoft Management Console (MMC)
2) Backing up your server certificate and private key
3) Restoring the server certificate and private key

Part 1 of 3: Open Microsoft Management Console (MMC)

1. Go to Start > Run

2. Enter MMC and click OK.

3. 
Select File > Add/Remove Snap-in.



4. Click Certificates and click Add.



5. Select Computer Account, and click Next.



6. Select Local Computer and click Finish.



7. Click OK to close the Snap-ins window.


Part 2 of 3: Backing up your server certificate and private key

1. In MMC, double-click Certificates (local computer).
Double-click Personal.
Double-click Certificates.



2. Right-click on the certificate you need to backup and select All Tasks > Export to open up the wizard. Complete the wizard to create a .pfx file. This .pfx file is the backup file for the certificate and the private key associated with it



3. Select Yes, export the private key.

Note: If the option to export the private key is grayed out, then the private key is either missing from the server or was set to be un-exportable. In either scenario, you will not be able to back up your certificate and private key pair.

4. Select Include all certificates in the certificate path if possible.



5. Enter a password to protect the .pfx file.

6. Select the location where you wish to save the file.

The generated .pfx file is your certificate and private key backup.

Make sure that you store the file in a secure place.

Write down the file password and store it in a safe and secure place. This password is your only way to access the backed-up certificate and private key.


Part 3 of 3: Restoring the server certificate and private key

You restore your server certificate and private key pair by importing the certificate and private key backup file. 

1. In MMC, double-click Certificates (local computer). Right-click Personal and select All Tasks > Import.



2. Complete the wizard to import the backup file of your certificate.

Note: When you browse for your .pfx certificate backup file, make sure that the file extension drop down menu is set to see Personal Information Exchange (.pfx, p12) or all file types (*.*).

3. Enter the correct password for the file.

4. Select to automatically place the certificate in the certificate store based on the type of certificate.

5. Click Finish to close the wizard, and close the MMC console to complete the certificate import.
 

If you have any questions or concerns please contact the Entrust Certificate Services Support department for further assistance: 

Hours of Operation:
Sunday 8:00 PM ET to Friday 8:00 PM ET 
North America (toll free): 1-866-267-9297 
Outside North America: 1-613-270-2680 (or see the list below) 
NOTE: It is very important that international callers dial the UITF format exactly as indicated. Do not dial an extra "1" before the "800" or your call will not be accepted as an UITF toll free call.

CountryNumber
Australia0011 - 800-3687-7863
1-800-767-513
Austria00 - 800-3687-7863
Belgium00 - 800-3687-7863
Denmark00 - 800-3687-7863
Finland990 - 800-3687-7863 (Telecom Finland)
00 - 800-3687-7863 (Finnet)
France00 - 800-3687-7863
Germany00 - 800-3687-7863
Hong Kong001 - 800-3687-7863 (Voice)
002 - 800-3687-7863 (Fax)
Ireland00 - 800-3687-7863
Israel014 - 800-3687-7863
Italy00 - 800-3687-7863
Japan001 - 800-3687-7863 (KDD)
004 - 800-3687-7863 (ITJ)
0061 - 800-3687-7863 (IDC)
Korea001 - 800-3687-7863 (Korea Telecom)
002 - 800-3687-7863 (Dacom)
Malaysia00 - 800-3687-7863
Netherlands00 - 800-3687-7863
New Zealand00 - 800-3687-7863
0800-4413101
Norway00 - 800-3687-7863
Singapore001 - 800-3687-7863
Spain00 - 800-3687-7863
Sweden00 - 800-3687-7863 (Telia)
00 - 800-3687-7863 (Tele2)
Switzerland00 - 800-3687-7863
Taiwan00 - 800-3687-7863
United Kingdom00 - 800-3687-7863
0800 121 6078
+44 (0) 118 953 3088

TN8174

Affected Products:

  • Entrust Certificate Services 1 Year Advantage SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable