How do I back up and restore my SSL certificate and its associated private key in Microsoft IIS 7?
Skip to steps
NOTE: These instructions apply to the following server types:
Microsoft IIS 7
Microsoft Exchange 2007 (Windows Server 2008)
Microsoft Exchange 2010
Microsoft Office Communications Server 2010
It is highly recommended that you back up your server certificate in a secure location. This will allow you to re-import your certificate and private key in case the original becomes corrupted.
This process is in three parts:
1) Open Microsoft Management Console (MMC)
2) Backing up your server certificate and private key
3) Restoring the server certificate and private key
Part 1 of 3: Open Microsoft Management Console (MMC)
2. Enter MMC and click OK.
3. Select File > Add/Remove Snap-in.
4. Click Certificates and click Add.
5. Select Computer Account, and click Next.
6. Select Local Computer and click Finish.
7. Click OK to close the Snap-ins window.
1. In MMC, double-click Certificates (local computer).
Part 2 of 3: Backing up your server certificate and private key
2. Right-click on the certificate you need to backup and select All Tasks > Export to open up the wizard. Complete the wizard to create a .pfx file. This .pfx file is the backup file for the certificate and the private key associated with it
3. Select Yes, export the private key.
Note: If the option to export the private key is grayed out, then the private key is either missing from the server or was set to be un-exportable. In either scenario, you will not be able to back up your certificate and private key pair.
4. Select Include all certificates in the certificate path if possible.
5. Enter a password to protect the .pfx file.
6. Select the location where you wish to save the file.
The generated .pfx file is your certificate and private key backup.
Make sure that you store the file in a secure place.
Write down the file password and store it in a safe and secure place. This password is your only way to access the backed-up certificate and private key.
Part 3 of 3: Restoring the server certificate and private key
You restore your server certificate and private key pair by importing the certificate and private key backup file.
1. In MMC, double-click Certificates (local computer). Right-click Personal and select All Tasks > Import.
2. Complete the wizard to import the backup file of your certificate.
Note: When you browse for your .pfx certificate backup file, make sure that the file extension drop down menu is set to see Personal Information Exchange (.pfx, p12) or all file types (*.*).3. Enter the correct password for the file.
4. Select to automatically place the certificate in the certificate store based on the type of certificate.
5. Click Finish to close the wizard, and close the MMC console to complete the certificate import.
If you have any questions or concerns please contact the Entrust Certificate Services Support department for further assistance:
Hours of Operation:
Sunday 8:00 PM ET to Friday 8:00 PM ET
North America (toll free): 1-866-267-9297
Outside North America: 1-613-270-2680 (or see the list below)
NOTE: It is very important that international callers dial the UITF format exactly as indicated. Do not dial an extra "1" before the "800" or your call will not be accepted as an UITF toll free call.
|Australia||0011 - 800-3687-7863|
|Austria||00 - 800-3687-7863|
|Belgium||00 - 800-3687-7863|
|Denmark||00 - 800-3687-7863|
|Finland||990 - 800-3687-7863 (Telecom Finland)|
00 - 800-3687-7863 (Finnet)
|France||00 - 800-3687-7863|
|Germany||00 - 800-3687-7863|
|Hong Kong||001 - 800-3687-7863 (Voice)|
002 - 800-3687-7863 (Fax)
|Ireland||00 - 800-3687-7863|
|Israel||014 - 800-3687-7863|
|Italy||00 - 800-3687-7863|
|Japan||001 - 800-3687-7863 (KDD)|
004 - 800-3687-7863 (ITJ)
0061 - 800-3687-7863 (IDC)
|Korea||001 - 800-3687-7863 (Korea Telecom)|
002 - 800-3687-7863 (Dacom)
|Malaysia||00 - 800-3687-7863|
|Netherlands||00 - 800-3687-7863|
|New Zealand||00 - 800-3687-7863|
|Norway||00 - 800-3687-7863|
|Singapore||001 - 800-3687-7863|
|Spain||00 - 800-3687-7863|
|Sweden||00 - 800-3687-7863 (Telia)|
00 - 800-3687-7863 (Tele2)
|Switzerland||00 - 800-3687-7863|
|Taiwan||00 - 800-3687-7863|
|United Kingdom||00 - 800-3687-7863|
0800 121 6078
+44 (0) 118 953 3088