Import a trusted certificate

  • Article

Updated: August 21, 2008

Applies To: Windows SBS 2008

If you purchased a trusted certificate that you are using on a different server, and the certificate is available to export, you can move it to Windows SBS 2008. To do this, you must export the certificate from the server where it was originally installed, import it to the server that is running Windows SBS 2008, and then run the Add a Trusted Certificate Wizard to connect the certificate to Remote Web Workplace.
If you are exporting a trusted certificate from Windows SBS 2008, use the procedure To export a trusted certificate from Windows SBS 2008.

To export a trusted certificate from the original server

  1. On the server where the trusted certificate is installed, click Start, click Run, type mmc.exe, and then press ENTER.

  2. On the console, click File, and then click Add/Remove Snap-in.

  3. Click Add, choose Certificates from the list, click Add again, and then click OK.

  4. On the pop-up window, click Computer Account, click Finish, and then click OK.

  5. Expand Certificates, expand Personal, and then click Certificates.

  6. Right-click the certificate that is issued to your Web site (for example: remote.contoso.com), click All Tasks, and then click Export.

Note

There may be multiple certificates with the same name. Ensure that you choose a certificate that has a valid expiration date and that was issued by a trusted authority. If you are not sure which one to use, open Internet Information Services (IIS), determine which certificate IIS is using on the Source Server, and then choose that certificate.

  1. In the Certificate Export Wizard, click Next.

  2. Ensure Yes, export the private key is selected, and then click Next.

  3. Ensure Include all certificates in the certificate path if possible and Export all extended properties are selected, and then click Next. Do not select Delete the private key if the export is successful.

  4. Type a password to protect the certificate file, and then click Next.

  5. Choose a location to save the .pfx file (for example, C:\trustedcert.pfx), and then click Next.

  6. Finish the wizard.

To export a trusted certificate from Windows SBS 2008

  1. Open the Windows SBS Console in Advanced Mode. To do this, click Start, click Administrative Tools, and then click Windows SBS Console (Advanced Mode).

  2. On the navigation bar, click the Network tab, and then click Connectivity.

  3. In the task pane, click Manage certificates.

  4. On the pop-up window, expand Certificates, expand Personal, and then click Certificates.

  5. Right-click the certificate that is issued to your Web site (for example: remote.contoso.com), click All Tasks, and then click Export.

Note

There may be multiple certificates with the same name. Ensure that you choose a certificate that has a valid expiration date and that was issued by a trusted authority. If you are not sure which one to use, open Internet Information Services (IIS), determine which certificate IIS is using on the Source Server, and then choose that certificate.

  1. In the Certificate Export Wizard, click Next.

  2. Ensure Yes, export the private key is selected, and then click Next.

  3. Ensure Include all certificates in the certificate path if possible and Export all extended properties are selected, and then click Next. Do not select Delete the private key if the export is successful.

  4. Type a password to protect the certificate file, and then click Next.

  5. Choose a location to save the .pfx file (for example, C:\trustedcert.pfx), and then click Next.

  6. Finish the wizard.

To import the trusted certificate to Windows SBS 2008

  1. Move the trustedcert.pfx file to the server that is running Windows SBS 2008, by using either the network or a USB drive.

  2. Open the Windows SBS Console in Advanced Mode. To do this, click Start, click Administrative Tools, and then click Windows SBS Console (Advanced Mode).

  3. On the navigation bar, click the Network tab, and then click Connectivity.

  4. In the task pane, click Manage certificates.

  5. On the pop-up window, expand Certificates, expand Personal, right-click Certificates, click All Tasks, and then click Import.

  6. On the Certificate Import Wizard Welcome page, click Next.

  7. Browse to the location of the saved .pfx file, and then click Next.

  8. Type the password that you typed in the Export procedure, ensure that Mark this key as exportable and Include all extended properties are selected, and then click Next.

  9. Ensure that the certificate will be imported to the Personal folder, and then click Next.

  10. Finish the wizard.

To ensure that the server is using the newly imported certificate, run the Add a Trusted Certificate Wizard.

To run the Add a Trusted Certificate Wizard

  1. Open the Windows SBS Console.

  2. On the navigation bar, click the Network tab, and then click Connectivity.

  3. In the task pane, click Add a trusted certificate.

  4. On the Welcome page, read the information, and then click Next.

  5. On the Get the certificate page, click I have a certificate from my certificate provider, and then click Next.

  6. On the Import the trusted certificate file page, either paste the information that you received from the provider or browse to the location where you saved the trusted certificate file, and then click Next.

  7. When the wizard finishes, click Finish.