Migrating to a new server?

Using CertifyTheWeb 4.8 on a web server. We are migrating to a new server and all of the certificates and settings for CertifyTheWeb have to be manually recreated on the new web server? The new web server is running CertifyTheWeb 5.1. I would prefer a migration path (export and import settings and certificate settings).

Hi, an official migration process is planned for the 5.x timeline. Currently though there are a couple to ways to migrate. One is to setup all your sites again perhaps using the CSV import feature so you can do them in bulk, or you can manually migrate your settings:

Test Phase (repeatable):

  • Restore your IIS configuration etc on the new server
  • Install the latest (v5) version of Certify The Web on the new server, then stop the Certify background service under Local Services.
  • Copy the whole C:\ProgramData\Certify folder to C:\ProgramData\Certify on the new server, delete/replace the existing folder on the new server
  • If there is reg_1 file (on the new server), delete that as that license key won’t work on the new server until it’s re-applied.
  • Start the Certify background service under Local Services
  • Open Certify, Preview a few managed certificates to check the planned bindings updates all look correct (e.g. one or more bindings will be updated when the certificate runs) this info is at the bottom of the Preview page and mentions things like SNI etc.
  • To Re-apply the certificates (which will store them in the computer certificate store and apply them to https bindings): run ‘certify diag autofix’ from the Administrator command line under C:\Program Files\CertifyTheWeb
  • You should then review your https bindings in IIS to ensure they have all updated with the expected SSL certificates.

Go Live

  • Once sites are reviewed and confirmed you can switch DNS over to the new server (or repoint your IP depending on how you are migrating the domains). You should then review sites are working normally via https (and requests are all going to the new server).
  • You should then try renewing one of the certificates (once DNS changes have replicated) to ensure renewals will function normally.
  • If any of your renewals use DNS validation (and associated Stored Credentials) you will need to replace the credential under Settings as these would previously have been encrypted for the old machine and will not be accessible on the new machine.
  • If you are using Scripting or WebHooks for any sites, these will be migrated to Pre/Post Deployment Tasks under Deployment > Deployment Tasks. Please check these to ensure they migrated/run OK.
1 Like