how to move SSL cert to new server
how to move SSL cert to new server
I have inherited a domain from another server...how to move ssl cert to new server...
Is this done through Plesk by simply cut and paste the cert and key data into a new server cert, or is it done by moving the certs and key files themselves onto the server, into the erc/httpd/ssl.crt directory along with the server cert...
If that is done, what else is needed to secure the domain...
thanks
Is this done through Plesk by simply cut and paste the cert and key data into a new server cert, or is it done by moving the certs and key files themselves onto the server, into the erc/httpd/ssl.crt directory along with the server cert...
If that is done, what else is needed to secure the domain...
thanks
Re: how to move SSL cert to new server
Hm, might be problematic to move the cert if the servername has changed becuase the servername is embedded in the cert.
Re: how to move SSL cert to new server
Recently transferred a dozen websites (w/SSL) one-by-one to a new server (Plesk 8.6 on old, Plesk 9 on new).
On old server:
1. Go to existing domain certificate and note name/details/bit-depth/Private key/Certificate/CA certificate.
On new server:
1. Create domain name (exactly the same as on old).
2. Click 'Add SSL Certificate'.
3. Paste/duplicate the details field-for-field from old server (CSR isn't required).
4. Set-up domain, assign IP/cert as usual.
5. Test domain via https://IP-ADDRESS, check the certificate details, it should correct; there will still be an alert in browser as IP doesn't match cert.
This might be as biggles suggests, because although the full server name was not the same (server1.domain.tld1, server2.domain.tld2), the domain bit in the middle was. But if you have IP addresses assigned on new server, test with one domain and see how it goes.
Good luck!
On old server:
1. Go to existing domain certificate and note name/details/bit-depth/Private key/Certificate/CA certificate.
On new server:
1. Create domain name (exactly the same as on old).
2. Click 'Add SSL Certificate'.
3. Paste/duplicate the details field-for-field from old server (CSR isn't required).
4. Set-up domain, assign IP/cert as usual.
5. Test domain via https://IP-ADDRESS, check the certificate details, it should correct; there will still be an alert in browser as IP doesn't match cert.
This might be as biggles suggests, because although the full server name was not the same (server1.domain.tld1, server2.domain.tld2), the domain bit in the middle was. But if you have IP addresses assigned on new server, test with one domain and see how it goes.
Good luck!
Re: how to move SSL cert to new server
I've only done this once (from different hosting provider to us) but didn't have any problems.
Essentially as long as the the certificate, private key (and CSR) are copied it just works.
Essentially as long as the the certificate, private key (and CSR) are copied it just works.
--------------------------------
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>
Re: how to move SSL cert to new server
Worst case scenario is you can hack Apache to load it manually. Just means that Apache will ignore changes that Plesk makes.
All you should need are the cert files off the server. I've never had a problem moving certs either by copy and paste or by moving the file.
All you should need are the cert files off the server. I've never had a problem moving certs either by copy and paste or by moving the file.
"Its not a mac. I run linux... I'm actually cool." - scott
Re: how to move SSL cert to new server
It worked by just copying the text files from one server, then using plesk, i "added" cert by pasting into their respective areas for the new cert...however it did take a few days for everything to resolve and be recognized by the browsers...
1.added ip to server
2.created domain in plesk
3.cut and paste cert to new server
4.control panel assignment of dns for domain and ip
Also designated in plesk for the http and https files to be from same directory for that domain, which would be the http directories, otherwise there must be two sets of files.
5. verification testing
6.Works!
Thanks for the guidance...next time it might be more cost efficient to just get a new cert...
1.added ip to server
2.created domain in plesk
3.cut and paste cert to new server
4.control panel assignment of dns for domain and ip
Also designated in plesk for the http and https files to be from same directory for that domain, which would be the http directories, otherwise there must be two sets of files.
5. verification testing
6.Works!
Thanks for the guidance...next time it might be more cost efficient to just get a new cert...
Re: how to move SSL cert to new server
Things seem to be functioning correctly in the browsers, but I am getting this error regarding the cert for this ip...
I am using plesk 9.2.5 or whatever is the latest, and my cert was configured in plesk, as were all the domain configurations...
Any ideas?
upon looking around I find referrences to editing the vhost.conf file for that domain...I do not have a vhost.conf file for that domain, or ANY domain on my server![warn] RSA server certificate CommonName (CN) `www.gertrudezachary.com' does NOT match server name!?
I am using plesk 9.2.5 or whatever is the latest, and my cert was configured in plesk, as were all the domain configurations...
Any ideas?
Re: how to move SSL cert to new server
you don't need to have a vhost.conf. If you want one you would have to
- create it manually and additionally to the httpd.include file under /var/www/vhhots/domain.tld/conf
- edit it with the settings you want to make
- and than run
-restart apache
If the cert is used with an shared ip that is used for multi hosted sites that warning is inevitable in my opinion.
See this KB from Parallells:http://kb.parallels.com/1500
- create it manually and additionally to the httpd.include file under /var/www/vhhots/domain.tld/conf
- edit it with the settings you want to make
- and than run
Code: Select all
/usr/local/psa/admin/sbin/websrvmng --reconfigure-vhost --vhost-name=domain.tld
If the cert is used with an shared ip that is used for multi hosted sites that warning is inevitable in my opinion.
See this KB from Parallells:http://kb.parallels.com/1500
Re: how to move SSL cert to new server
I have cleaned up my cert, which was missing a geotrust CA...seems that everything that is not geotrust must update their certs with a new CA since July 2010...
thanks for the info on the vhost.conf file...guess this is why i have plesk...
thanks for the info on the vhost.conf file...guess this is why i have plesk...
-
- Long Time Forum Regular
- Posts: 2813
- Joined: Sat Aug 20, 2005 9:30 am
- Location: The Netherlands
Re: how to move SSL cert to new server
Also see Plesk's documentation on vhost.conf: Including Directives into Web Server Configuration File.
Lemonbit Internet Dedicated Server Management