Upgrading an IIS SSL cert from 1024 to 2048 bit encryption

With increasing minimum requirements in SSL security, many — if not all — SSL certificate issuers are requiring that 2048-bit CSRs be used to generate new certificates.

If your website on an IIS server is already using a certificate, there is no way to generate a new cert with any options changed from the current cert.  In order to generate a new CSR with 2048-bit encryption to replace your current 1024-bit cert, you need to either remove the server’s current cert (rendering the site insecure), or create a new website and generate the CSR from it.

Microsoft Support has an article describing the section option.

This article describes how you can create a new certificate signing request (CSR) or generate a renewal request without having to remove the existing certificate from your Web site.

via How To Renew or Create New Certificate Signing Request While Another Certificate Is Currently Installed.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s