Can you install Certify on a server that has an existing cert to manage and renew that cert?

Sorry if this is a simple situation but I am out of my depths with everything to do with certs. We had a situation where we had to move a cert from a Windows 2012 server to a Windows 2019 server using the native export and import. The cert was generated on the 2012 server using Certify. After importing the cert to the Windows 2019 server a month or so later we need to renew the cert. So I installed Certify on the server, however I do not see a mechanism to point Certify to the existing cert so I can manage/renew it. Is there a way to do this? I’m sure I’ve probably done something wrong so if someone can point me in the right direction I would greatly appreciate it!

I would just set it up normally. Just treat it as though the site is currently using a self-signed/foreign certificate and Certify should just replace the used certificate. It might not clean up(delete) the previous certificate if you have that enabled, but that’s a minor issue.

Yes, just set it up as a new Managed Certificate, if you still have the old server you could refer to the UI to copy the same settings. It’s technically possible to copy files/config etc but that’s only worthwhile if you have hundreds of certs.

Certificates validate by proving you control the domain the certificate is for, using either http validation (a request to server to prove it is hosting that domain) or DNS validation (a special TXT record is created/updated in your domain’s DNS). So you’ll want to copy whatever method was used on the old server.

Note also that once you have set up your managed certificate you can check the Preview tab to ensure the expected IIS bindings will be updated (bottom of the preview page).

1 Like