SamCogan.com

I recently used the web platform installer to install IIS 7.5 and PHP on a Windows 7 machine. I also needed to install the LDAP extension, however after some time struggling to use an extension from the PHP site, or from an old install I discovered the best way to do this

• Go to control panel, programs and select your PHP install
• Click on change
• Click next, then change
• Select IIS fast CGI
• Expand the Extensions section and tick the extensions you want to install
• Complete the install

I recently needed to renew an SSL certificate on an IIS 7 server. The usual method to do so would be to generate a renewal CSR on the server, go to the SSL provider and generate a certificate, simple. However in this case I was presented with a renewed certificate that had been created using the CSR that had been used to generate the original certificate, so how do I get this into IIS, I can't just add it to my certificate store, as the machine doesn't believe it has the private key for this cert. The certifcate managment console has an option to renew a cert with an exisiting key, great I thought! but

However this just gives an error about a template. So, after some research I found a way to deal with this situation, so that I can assign the private key from the old cert, to this cert and therfore use it in IIS.

1. Open up the Certificate Services MMC, and connect to the local computer store

2. Import the new certificate into the Local Computer Personal store.

3. Export the “old” certificate including the private key do NOT set the option to delete the private key on success!

4. Delete the “old” certificate in the MMC

5. Get the the serial number from the new certificate and run this command from an elevated cmd prompt:

certutil –repairstore my “put serial here”

6. Assign the new certificate to the IIS website

Once that is done, the certificate works perfectly, without having to generate a new CSR. Thanks to Andreas Klein for his blog post that lead me to this solution