I created a new website on my new install of Windows Server Enterprise 2008 R2. I can get to the default web site using SSL using the autogenerated cert that was created at some point in the install and configuration of the OS.
I exported our SSL cert from our Server 2003 and attempted to set the cert up on this new install. I imported it with no problems into the cert repository.
The problem arose when I tried to bind the cert to the website. When I select the cert I get "There was an error while performing this operation"
" A specified logon session does not exist. It may have already been terminated. (Exception from HRESULT: 0x80070520)
So I found that the way around this was when you import the cert into the repository you need to mark it as exportable. I guess that seems ok, but is there something I should do to fix any security risks?
I do not believe that you have introduced any unnecessary security risks to the web server by this action. Marking the key as exportable during the certificate import is the standard way of doing it. By marking the key as exportable, you are allowing the certificate to be exported again in the future (in case you need to move it to another server).
User contributions licensed under CC BY-SA 3.0