Installing SSL on a Windows Server 2012 with IIS 8.0

Solution 1:

I ran into the same issue with a GoDaddy SSL certificate on Windows 2012 / IIS 8. What worked in my case, after getting the "Failed to Remove Certificate" error, was this:

  • I have tried adding it again, this time getting an "Access Denied" error.
  • I have also tried adding it to the "Personal" store instead of "Web Hosting" but same "Access Denied" error appeared
  • so I went back to the Certificates snap-in using MMC and found the certificate was already there - under Certificates (Local Computer) / Personal
  • Instead of doing the export/import thing that Scott suggested, I simply tried dragging the certificate down to Certificates (Local Computer) / Web Hosting node - and, surprisingly, it worked
  • After doing the above, I went back to IIS Manager and was able to use the certificate in the site bindings right away

Solution 2:

I ran into a Similar Issue. I had to download the certificate as a .P7B file, Install the Certificate into the local Cert Store, then Export the Certificate as a .PFX with a Password.

Right Click the Cert and Click Install, You can choose Automatic, or the 'The Following Store' I believe Automatic installs it into Local Computer/Personal. So in MMC, load in the Certificate Snap-in for Local Computer, and then look in the Personal Folder or where you chose to install it, you should see your Cert. Right Click, All Tasks, Export

Once I had the .PFX certificate I was able to import that certificate into IIS8 and use it in the SSL Bindings for the Site.

Scott<-

Solution 3:

I had the same issue. I fixed with openssl

openssl pkcs12 -export -in my.crt -inkey my.key -certfile my.bundle -out my.pfx

Than i imported to IIS 8.5

Solution 4:

Run IIS Manager as administrator! Always - when doing SSL changes!

Also when GoDaddy automatically updates a certificate they use the same key you originally had - so you don't need to rekey for the same machine. It is the lack of running as admin that gives these stupid messages. I always forget. Every two years.

To renew when Godaddy renews your cert without you providing a new CSR:

  • Run IIS manager as admin
  • Go to Server Certificates
  • Right click and select Renew
  • Choose the third option : Complete certificate renewal request
  • Select the .crt file

Tags:

Iis

Ssl

Iis 8.5

Iis 8

Recent Posts