SSL disappear from the certificate list of Windows Server

Users with Windows servers may occasionally encounter an issue when an imported certificate disappears from the list of server certificates. Most often, this happens right after completing certificate request in Internet Information Services (IIS) Manager .

The lists of server certificates in IIS contains only certificates that are assigned to the corresponding private key and generated along with the certificate signing request (CSR) user for activating a particular certificate. When the link between certificate and private key is broken for some reason, the certificate disappears.

In order to make the certificate reappear, you will need to force the link between the certificate and the private key using the following steps.

1. Open the Microsoft Management Console (MMC) on your server machine. Make sure that you are logged as administrator before proceeding. To open MMC, press Win+R combination, type in mmc and click OK.

2. In File menu, select Add/Remove Snap-in.

3. In the Add or Remove Snap-ins dialogue window, select Certificates and click Add.

4.  Choose Computer Account in the Certificates snap-in window, click Next

5. Tick Local computer in the Select computer box, then click on Finish.

6. The required snap-in is selected now. Click the Ok button to proceed. The snap-in is added to console.

7.   Locate the certificate that was imported when completing certificate request. The certificate should be in Personal store. Note that icon of the certificate next to the domain name does not have a key on it. Means that no private key is assigned to the certificate.

8. Double –click the certificate and go to Details tab.

9. In certificate details locate the serial number field, click on it and copy its value.

10.  Open Command Prompt by pressing Win+R and typing the cmd, then click OK. Type the command as below and press enter.

11. In the command prompt type : certutil –repairstore my Serial_number xxxxxxxxxxxxxxx.( Note: Make sure the serial number of your certificate does not contain any spaces. It should be single string of symbols.)

If you receive “Certutil: -repairstore command FAILED:0X800900100” error, this means that the certificate request was generated on another server, and the private key is absent on this one. You need to either transfer the key to your server via PFX file or create a new CSR code and reissue the certificate.

 

1 reply
  1. Homepage
    Homepage says:

    Someone necessarily assist to make critically articles I would state. This is the very first time I frequented your website page and thus far? I amazed with the analysis you made to create this particular put up incredible. Great process!

    Reply

Trackbacks & Pingbacks

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *