SSL Certificates Support - Move a Certificate- Import Certificate - VeriSign UK Ltd.
VeriSign, Inc.® United Kingdom Home | Worldwide Sites | Site Map
Products & Services Solutions Support About VeriSign Existing Customers
You Are Here: United Kingdom Home > Support > SSL Certificates Support > Move a Certificate- Import Certificate

SSL Certificates Support
SSL Support Information
Generate a Certificate Signing Request (CSR)
Enrolment
Installation Instructions
Backup a Certificate
Move a Certificate

Move a Certificate- Import Certificate

An SSL certificate is bound to both the server software (i.e., Microsoft to Microsoft) and the certificate common name (i.e., “www.company.co.uk” or “acme.co.uk”). If these remain identical, you can export the certificate and its private key from the original server and import it into the target server.

Backup Your Certificate >>

To move a certificate, you need to export the existing certificate or use the backup.  
 
Select the correct software vendor and version below for import instructions.

Microsoft IIS Version 4.0

Backup >>

Import the Certificate

  1. Open the Microsoft Management Console: Start > Programs > Windows NT 4.0 Option Pack > Microsoft Internet Information Server > Internet Service Manager.
  2. Right-click the import destination Web site and select Properties.
  3. Click the Directory Security tab.
  4. In the Secure Communications section, click Edit.
  5. Click Key Manager.
  6. In the Local Computer category, select WWW.
  7. From the menu bar, select Key > Import Key > Backup File.
  8. Browse to the certificate you want to import and then click Open.
  9. Enter the password used to secure the certificate for export and then click OK.

Assign the Certificate

  1. In the Server Bindings window, click Edit to assign an IP address and the SSL port number to the certificate.
  2. Enter the IP address of the Web site.
  3. Enter the SSL port for this Web site (port 443 is the default SSL port) and then click OK.
  4. From the menu bar, save the changes by selecting Computers > Commit Changes Now.

Microsoft IIS Version 5.0

Backup >>

Import the Certificate

  1. Create a Microsoft Management Console (MMC) snap-in for managing certificates, as described in solution vs4224.
  2. Open the Microsoft Management Console (MMC).
  3. On the left pane, click Certificates.
  4. On the right pane, double-click Personal.
  5. On the right pane, right-click Certificates and select All Tasks > Import (this opens the Certificate Import Wizard). Click Next.
  6. Browse to the certificate you want to import and click Next.
  7. Enter the password used to secure the certificate for export and then click OK.
  8. To export the certificate again from this computer, select Mark the key as exportable. By default, the certificate is placed in the Personal certificate store. Keep this default selection and click Next.
  9. Click Finish. A message confirms the successful import. Click OK.

Assign the Certificate

  1. Open the Internet Information Services (IIS) Manager: Start > All Programs > Administrative Tools > Internet Information Services (IIS) Manager.
  2. In the Web Sites section, right-click your Web Site and select Properties.
  3. Click the Directory Security tab.
  4. In the Secure Communications section, click Server Certificate (this opens the Web Server Certificate Wizard) and then click Next.
  5. Select Assign an existing certificate and then click Next.
  6. Select the certificate to import (denoted by the Common Name) and then click Next.
  7. Enter the SSL port for this Web site (port 443 is the default SSL port) and then click Next.
  8. A summary page displays the details of the certificate that you are installing. Ensure that this information is correct and then click Next.
  9. Click Finish.

Microsoft IIS Version 6.0

Backup >>

Import the Certificate

  1. Create a Microsoft Management Console (MMC) snap-in for managing certificates, as described in solution vs4224.
  2. Open the Microsoft Management Console (MMC).
  3. On the left pane, click Certificates.
  4. On the right pane, double-click Personal.
  5. On the right pane, right-click Certificates and select All Tasks > Import (this opens the Certificate Import Wizard). Click Next.
  6. Browse to the certificate that you want to import and click Next.
  7. Enter the password used to secure the certificate for export and then click OK.
  8. To export the certificate again from this computer, select Mark the key as exportable. By default, the certificate is placed in the Personal certificate store. Keep this default selection and click Next.
  9. Click Finish. A message confirms the successful import. Click OK.

Assign the Certificate

  1. Open the Internet Information Services (IIS) Manager: Start > All Programs > Administrative Tools > Internet Information Services (IIS) Manager.
  2. In the Web Sites section, right-click your Web Site and select Properties.
  3. Click the Directory Security tab.
  4. In the Secure Communications section, click Server Certificate (this opens the Web Server Certificate Wizard) and then click Next.
  5. Select Assign an existing certificate and then click Next.
  6. Select the certificate to import (denoted by the Common Name) and then click Next.
  7. Enter the SSL port for this Web site (port 443 is the default SSL port) and then click Next.
  8. A summary page displays the details of the certificate. Ensure that this information is correct and then click Next.
  9. Click Finish.

Apache

Backup >>

Import the Certificate

  1. Copy the .key file and the .crt file from the diskette or CD to the appropriate directory on the target host.
  2. Edit the virtual host section of the httpd.conf file so that the SSLCertificateFile directive points to the .crt file and the SSLCertificateKeyFile directive points to the .key file.

You can use the virtual host section of the httpd.conf file on the diskette or CD as a guide.

iPlanet Version 4.0

Backup >>

Import the Certificate

  1. Rename the files on the backup to conform to: 'https-admsrv-(servername).cert7.db' and 'https-admsrv-(servername).key3.db'
  2. Create a Trust Database for the server.
  3. In the Alias directory, replace the cert7.db and key3.db files of the admin server to the cert7.db and key3.db of the new site.
  4. Restart the Web Service.

iPlanet Version 6.0

Backup >>

Import the Certificate

  1. Rename the files on the backup to conform to: 'https-admsrv-(servername).cert7.db' and 'https-admsrv-(servername).key3.db'
  2. Create a Trust Database for the server.
  3. In the Alias directory, replace the cert7.db and key3.db files of the admin server to the cert7.db and key3.db of the new site.
  4. Restart the Web Service.

IBM Websphere Server

Backup >>

Import the Certificate

  1. Type ikeyman on a command line on UNIX or start the Key Management utility in the IBM Websphere Server folder.
  2. Select Key Database File from the main menu, and then select Open.
  3. In the Open dialog box, type your key database name or click the key.kdb file if you are using the default. Click OK.
  4. In the Password Prompt dialogue box, type your correct password, and click OK.
  5. Select Personal Certificates in the Key Database content frame, and then click the Export/Import button on the label.
  6. In the Export/Import Key window, select Import Key.
  7. Select the key database file type.
  8. Type the file name or use the Browse option, and select the correct location and file name, and then click OK.
  9. In the Password Prompt dialogue box, type the correct password, and then click OK.
  10. In the Select from Key Label list, select the correct label name and click OK.

Tomcat

Backup >>

Import the Certificate

  1. Copy the backed up Keystore file to your SSL Directory. This directory can sometimes be hidden. For example: /root/.keystore
  2. Edit the server.xml file to configure the SSL connector.


Contact Us
Contact Support >>
Contact VeriSign Legal Notices Privacy Repository © 2003 - 2008 VeriSign UK Limited. All rights reserved.
8/26/08 1:43 PM