Смотреть (2048) (2010) в Full HD качестве ОНЛАЙН

Дата: 30.12.2017

(2048) (2010)

In the end, I came across the following solution which worked correctly: This requires care in Microsoft IIS when renewing a certificate that has a key size of 1024-bits. When renewing an already existing certificate, Microsoft IIS will retain all of the details of the currently installed certificate.

This includes the key size which may be set to 1024-bits. In order to get the option to change the key size in IIS, you must remove the certificate which has the effect of taking down your website on port 443 https: This article describes an alternate method to increase the key size of your certificate without any downtime to your website by creating a temporary website.

Creating this website and having it stopped in IIS poses no security risks and will not affect your other websites. This can be found in the Administrative Tools in Control Panel. The Web Site Creation Wizard willl appear. In that new window, click on Next. On the next screen, type in "Temporary" into the Description field. Once you have done that, click on Next.

In the Web Site Home Directory screen, click on the Browse folder and navigate to the Inetpub folder or a folder of your choosing. Once selected, click on the Next button. The next screen shows the Web Site Access Permissions. Uncheck all of the boxes and click on Next. At the final screen click on the Finish button.

If you are familiar with this process, you can skip to Part III. Right-click on the temporary website and click on Properties from the drop down menu. A new window will appear. In that new window, click on the Directory Security tab at the top. In the same window, you will see three sections.

The bottom section named Secure communications has three buttons. Click on the Server Certificate... Select the circle, Create a new certificate. On the next step on the Wizard, select the circle, Prepare the request now, but send it later and click on Next. At the next step in the Wizard, enter in a Name for your certificate. In the field where you see Bit length: Leaving the other two check boxes unchecked, select Next.

On the next screen, enter in the full legal name of the company which the certificate belongs into the Organization field. At the next screen, you will need to enter in your FQDN fully qualified domain name of your website in the field named Common name. It looks like "secure. At the next step of the Wizard, you will need to specify where to save the CSR text file that will be created. To change the location, you should click on the Browse... After you have selected a location, click on the Next button.

At the final screen, you will see a summary of all the certificate details that you have created. Click on Next to generate the CSR file.

When you have generated a CSR file, you will have a pending request held for this website. If this pending request is deleted before a certificate response can be installed, the set of private keys that were created will be deleted as well.

This will render the CSR file and the certificate response useless, including during installation. Open the newly created CSR file using notepad. Right-click on the Temporary website and click on Properties from the drop down menu.

On the next screen, select the option, Process the pending request and install the certificate. If you do not see this option, this could mean that the CSR may have been deleted. If this is the case, then the certificate file is cannot be used. At the next step of the wizard, you must click on browse and navigate to the. In order for it to accept the. Once you can see it, select it. On the next screen, leave the default to port 443. You should now see a summary screen. When you have finished looking at the summary, you should click on Next.

At the final screen, click on Finish. In IIS, right-click on the production website that has the 1024-bit certificate installed and then click on Properties from the drop down menu. On the next screen, select the option, Replace the current certificate. You should see a list of certificates which contains the certificate you have installed on the Temporary website. Select the newly installed certificate that contains a key size of 2048-bits from this list.

Once selected, click on Next. Verify these details and then click on Next. Click on the Finish button on the next screen. Back in the Properties window, click on the OK button. The certificate on your website has been updated with the stronger 2048-bit certificate with no downtime. The final step of this article is to delete the Temporary website that you created in Part I.

Click on Yes at the, "Are you sure you want to delete this item?