I have two AD servers in a domain, both running Windows Server 2019, the second is a Core server configured as a RODC. I have the main server working as a Certification Authority, where I'm supposed to issue the certificates for the internal websites that are running on the Core server. I need to enable SSL on the websites that are running on the Core server, but using the certificates generated on the main server, so far I haven't found a way to do that. The closest I got was through the "Certificates" MMC snap-in, but when I try to import the .pfx file I get the notification that importing a .pfx file to a remote certificate store is not supported. How can I assign these certificates, that are issued and located in the main server, to the websites running on IIS in the Core server?
Asked
Active
Viewed 215 times
1 Answers
0
You can install the PFX on Server Core installation using certutil.exe command-line tool:
certutil -importPFX c:\mypfxx.pfx
provide a password for PFX when prompted. Then you can connect remotely to IIS server using IIS Management Console and create HTTPS binding for website.
Crypt32
- 6,639
- 1
- 15
- 33
-
I guess I won't be able to use a nice GUI to do that, but at least I got it working with that, thanks. – sanosuke_kursch Sep 09 '21 at 13:00
-
that's correct, you cannot use GUI on server core and cannot use remote Certificate managers to install the certificate remotely, CLI is your the only choice. – Crypt32 Sep 09 '21 at 13:02