Re: clustering and SSL/Certificates

Tech-Archive recommends: Fix windows errors by optimizing your registry

Hey Rodney,

This can be done as well, you just need to export the cert to file (pfx,
etc), then re-import it at destination server.

Cheers.
--
Regards,
Bernard Cheah
http://www.tryiis.com/
http://support.microsoft.com/
http://www.msmvps.com/bernard/

ps: I spoke to you when you were in Malaysia (TechEd) :)

"Rodney R. Fournier [MVP]" <rod@xxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:OwRscmpOFHA.904@xxxxxxxxxxxxxxxxxxxxxxx
> Using Microsoft's CA, you can indeed deploy and reuse the cert. This is
> perfectly fine.
>
> Using a commercial cert, this is simply not allowed.
>
> Cheers,
>
> Rod
>
> MVP - Windows Server - Clustering
> http://www.nw-america.com - Clustering Website
> http://www.msmvps.com/clustering - Blog
>
> "Bernard" <qbernard@xxxxxxxxxxxxxxxxxxx> wrote in message
> news:eYf69toOFHA.2708@xxxxxxxxxxxxxxxxxxxxxxx
>> Not too sure about MCSC, but in NLB setup, we deploy the cert twice if
>> there's 2 nodes. it's the same cert. I would assume it will be the same.
>> Try it out -
>> HOW TO: Back Up a Server Certificate in Internet Information Services 5.0
>> http://support.microsoft.com/?id=232136
>>
>> How to Import a Server Certificate for Use in Internet Information
>> Services 5.0
>> http://support.microsoft.com/?id=232137
>>
>>
>>
>> --
>> Regards,
>> Bernard Cheah
>> http://www.tryiis.com/
>> http://support.microsoft.com/
>> http://www.msmvps.com/bernard/
>>
>>
>> "John Grandy" <johnagrandy-at-yahoo-dot-com> wrote in message
>> news:%23w1zs2iOFHA.1040@xxxxxxxxxxxxxxxxxxxxxxx
>>> Does each web server in a cluster always have its own pair of
>>> public-key/private-key certificates? Or do all web-servers share the
>>> same pair?
>>>
>>> Or is this a design decision? If so, what are the relevant factors, and
>>> what is the typical design?
>>>
>>
>>
>
>


.

Relevant Pages

  • RE: IIS Key pairs (how to export an IIS 4.0 self-issued Root CA a nd import into new IIS 4.0 box)
    ... it prompts the user for what client cert they want to use to connect to the ... it issues client certificates to the end users. ... Step I - Installing the New Server ... Install NT SP 3 ONLY ...
    (Focus-Microsoft)
  • Re: ActiveSync error 0x85010004 from Windows Mobile 6 to SBS 2003
    ... I found a link suggesting a test of the OMA using a desktop browser by ... the server and from the phone. ... I then reinstalled the cert, ... Before installing the cert, I could ...
    (microsoft.public.windows.server.sbs)
  • RE: Certificate logon on Unix
    ... I don't know of any package but there is prolly one out there you should ... The good news is that getting fulle client ... and server side authentication is pretty easy so it will work as a quick ... setup your CA and make the root cert Pbk available to everyone. ...
    (Security-Basics)
  • Re: SSL certificates
    ... Should I just create a new self signed cert for StartTLS? ... self-signed certificate to advertise StartTLS to internet Server to Server ... Also I am trying to see how the send/recieve connectors FQDN play a part ...
    (microsoft.public.exchange.admin)
  • Re: Cingular 8125 and ActiveSynch
    ... What error message do you get when you copy the cert to the phone and click ... The last time I worried about it, Verizon ... Windows Mobile 5.0. ... They have a SBS Standard 2003 Server with all Service Packs (Exchange ...
    (microsoft.public.windows.server.sbs)