SUMMARY

After you install Internet Information Services (IIS) 5.0, you may want to import a backup key file from an older version of IIS. This allows you to use the SSL capabilities on your new server (and replace the old one).

Note If you are upgrading the server to IIS 5.0, this should be done for you automatically. You will not need to export or import the private or public key pair from the older server. It is always recommended, however, that you keep a backup for emergency purposes. For more information about backing up your key pairs, click the following article number to view the article in the Microsoft Knowledge Base:

Before you go through this process, be sure that the common name (CN) of the computers is the same. In other words, if your user will be typing in https://www.widgets.microsoft.com (as an example), the common name on the certificate needs to reflect this (in other words, it would be www.widgets.microsoft.com). Typically, this should be the same name that the DNS server resolves as you server.

We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. All of the default security-related configuration settings in IIS 6.0 meet or exceed the security configuration settings made by the IIS Lockdown tool. Therefore, you do not need to run this tool on Web servers that are running IIS 6.0. However, if you are upgrading from a previous version of IIS, you should run the IIS Lockdown Tool before the upgrade to enhance the security of your Web server.