If you just want a quick-n-dirty way to do this via the GUI: In IIS create a new website (just a dummy one). Run it on some arbitrary port Assign the certificate you wish to renew Use the wizard to generate the necessary renewal CSR Submit the CSR, and get your new certificate Import it into IIS via the wizard Assign the renewed cert to the real site (or export the cert and import onto your real server) Delete dummy website
Cheers Ken From: Kevin Edwards [mailto:[EMAIL PROTECTED] Sent: Wednesday, 14 May 2008 5:26 PM To: NT System Admin Issues Subject: certificate renewals on a box with multiple certificates Hi All We have ISA2006 publishing owa and Symantec Enterprise Vault. On the ISA server I looked via the MMC and there's 2 certs ev.blah.com and owa.blah.com both from thawte. Same thing on our two exchange 2003 front end servers. What I'd like to do is generate a renewal request for the ev.blah.com certificate. But if I run the wizard from the default website level I don't get a renewal option which is what I want. If I run it with the 'assign a certificate' box checked it does show both certificates there. If I try on a subsite the 'server certificate' button is greyed out. I suppose I could export the cert via the MMC - import it into another server that doesn't have any cert and do the renewal from there - but that's not exactly convenient. Any ideas greatly appreciated. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~