How to Move an SSL Certificate From One Server to Another

When the time comes to retire an old server to make way for newer and faster technology, there are many details to manage. One of those is relocating SSL certificates from the old server to the new server, so that SSL's job of securing Internet transactions can continue. Any interruption to the security of a website can result in disastrous consequences for both the Internet business owner and the customers. However, there is a process for moving an SSL certificate from one server to another.

Export the SSL Certificate

• 1

  Start the Microsoft Management Console. Click "Start," enter "mmc" in the Search Box and press "Enter."

• 2

  Add the Certificate Snap-in. Click "File," "Add/Remove Snap-in," "Certificates," and "Add." Click "Computer Account," and then click "Finish" and "OK" to close the dialog.

• 3

  Expand the "Certificates (Local Computer)" item in the left panel. Expand the "Personal" object, and click "Certificates."

• 4

  Click the certificate you want to export, located in the center panel, and find the corresponding item in the "Actions" panel. Click "More Actions," and then click "All tasks."

• 5

  Click "Export," which will start the Certificate Export Wizard. Click "Next" to proceed.

• 6

  Select "Yes, export the private key." Click "Next," and then click "Next" again to accept the defaults for the export process.

• 7

  Enter a password for the SSL certificate to be exported, and record it for later reference. Re-enter the password in the "Confirm" box and click "Next."

• 8

  Enter a file name for your exported SSL certificate. Browse to a specific location, enter the file name and click "Save." Click "Next" to proceed, and click "Finish" to export the certificate and close the Export Wizard dialog.

Import the Certificate to the New Server

• 1

  Move the previously exported certificate file to your target server. Most any method of moving a file will work, including copying to a flash drive or CD, or emailing it.

• 2

  Click "Start" and enter "mmc" in the Search Box. Press "Enter" to start the Microsoft Management Console.

• 3

  Click "File," "Add/Remove Snap-in," "Certificates," and "Add." Click "Computer Account" and "Finish." Click "OK" to close the dialog.

• 4

  In the left panel, expand "Certificates (Local Computer)," and then expand the "Personal" object.

• 5

  Right-click "Certificates," click "All tasks" and then "Import." This should start the Certificate Import Wizard.

• 6

  Click "Next" in the initial dialog to proceed. Browse for the file you created and copied previously and click "Open." Click "Next" and enter the password you created in the export process. Click "Next."

• 7

  Accept the default certificate store location of "Personal" by clicking "Next." Click "Finish." A message box will appear indicating a successful SSL certificate import. Click "OK."

Assign the SSL Certificate to Your Website

• 1

  In the left panel, expand the machine level. Expand the "Sites" item and click on the target website for the imported SSL certificate.

• 2

  In the "Actions" panel, click "Bindings," and then click "Add" in the "Site Bindings" dialog.

• 3

  Expand the "Type" item and select "https." Expand the "IP Address" item. Select the IP address that is assigned to the target site.

• 4

  Expand the "SSL Certificate" item. Select the your imported SSL certificate and click "OK" to accept. Click "Close." Your imported SSL certificate is now assigned to the target website.

• 5

  Start a browser session. Enter "https://<sitename>," where <sitename> is the name of your site. Press "Enter." If you see a Security Alert dialog asking for permission to proceed, you have successfully moved your SSL certificate from one server to another.