Replicating a Certificate on Multiple Servers

To use the same certificate on multiple servers, you import the certificate and then export it into a .pfx file. The .pfx file can then be distributed to the other servers and imported using the Certificate Management Tool.

On one computer, you must create the original request file (.crq) and then import the certificate chain file that was generated from this request. You then create a backup of the certificate (the .pfx file) using Export with key pair. On the other servers, you use the Certificate Management Tool’s Import with key pair functionality to import the certificate from the .pfx file.

To export a certificate for replication to multiple servers

1. Click the Start button, point to Programs, point to Microsoft Site Server, point to Commerce, and then click Certificate Management to display the Certificate Management Tool.
2. Click Manage My Certificates.
3. Click the certificate to export, and then click Export with Key Pair.
4. Type a password to use to encrypt the exported key pair.
5. Type the full path and filename for the .pfx file, or click Browse and specify a location and file name. Click OK.

   The confirmation message specifies the type of certificate that was exported into the .pfx file (the type was specified when you created the original certificate request):

   • υMachine. Allows anyone logged onto the computer to import or export the certificate.
   • υCurrent user. Allows only the user who was logged on when the original certificate request was created to import or export the certificate.

   If this is a machine scope certificate, you must select the Machine Key Scope check box when you import the certificate on the other servers.

To import the certificate on other servers

1. Click the Start button, point to Programs, point to Microsoft Site Server, point to Commerce, and then click Certificate Management to display the Certificate Management Tool.
2. Click Manage My Certificates.
3. Click the certificate to export, and then click Import with Key Pair.
4. Specify which certificate to use if the certificate contained in the .pfx file is a duplicate of one already installed on your system.
5. Type the password that was used to encrypt the exported key pair.
6. Type the path to the .pfx file from which to import the certificate (or click the Browse button and locate the file).
7. If the .pfx file contains a machine-based certificate, select the Machine Key Scope check box.
8. Click OK.