Recipe 12.11. Backing Up SSL CertificatesProblemYou want to back up your server certificate and its associated private key. SolutionUsing a graphical user interface
Note that you can also choose to export the certificate to a shared folder on a remote server, which may be a better option if you want to centralize certificate backups for multiple web servers. Using a command-line interfaceUsing the IISCertDeploy.vbs command script included in the IIS 6 Resource Kit Tools, the following command backs up a server certificate previously installed on a web site that has ID number 1005026399: > iiscertdeploy -e C:\Certback\back.pfx -p <password> -i w3svc/1005026399 Note that the certificate is backed up as a password-protected *.pfx file. Do not lose your password or you won't be able to restore your backed-up certificate if necessary. Using VBScriptFor a good example script on how to export or back up a certificate, see iiscertdeploy.vbs in the IIS 6 Resource Kit. DiscussionBacking up your server certificate is important in case you need to replace your SSL-enabled web server with a different computer. Be sure you back up certificates and any private keys to a secure location. To restore a backed-up server certificate to a different IIS computer, follow the previous procedure, but at step 7, select All Tasks Do not select the option Delete the private key if export is successful when you run the Certificate Export Wizard; otherwise, SSL will no longer work on your site and will have to be reconfigured. |
Recipe 12.9