At home I typically use Linux whenever possible and feel pretty familiar working with Openssl when it comes to generating different certificates, making a certificate signing request (CSR) and what the different files mean. But when it comes to Windows boxes, I’ve generally used the certificate wizard like everyone else. Today I had an issue with moving a wildcard certificate from one windows box to another because you can’t just look in the file system to find the private key for the public key your certificate authority (CA) just finished issuing to you from the CSR you built previously.

Essentially, you’ve got to use the Windows mmc console, add the certificate Snap-in and export the certificate’s private key & public key to the new server via a PFX file which is password protected. Once you’ve moved it. You can simply select the new certificate at the Bindings option or use the certificate wizard to bring it in. I won’t go into lots of details but will show you the link I found here: