HPE Community
Server Management - Systems Insight Manager
1833167 Members
3286 Online
110051 Solutions
New Discussion

Re: Move SIM certifcate to new server

 
NJK-Work
Honored Contributor

‎03-24-2010 12:12 PM

‎03-24-2010 12:12 PM

Move SIM certifcate to new server

I am considering rebuilding my SIM 5 server to SIM 6 as a clean install (move to Windows 2008 R2, 64-bit, etc.)

I would like to retain my existing certifcate so that I do not lose all my existing trusts to managed clients. Since I will be using the same hardware, I will not be able to have both up at the same time.

I tried to export my certifcate on my production box and then import it into a test SIM 6 box I setup, but the SIM 6 box will not import it. It tells me the public key does not match (which makes sense and I understand why it is telling me that). There is no option, during the export, to include the public key as part of the export.

Does anyone know how to do this?

Thanks
Nelson
0 Kudos
Reply
2 REPLIES 2
David Claypool
Honored Contributor

‎03-24-2010 03:32 PM

‎03-24-2010 03:32 PM

Re: Move SIM certifcate to new server

No, that would violate like 18 different PKI security rules. Build the new server and then use either 'Replicate Agent Settings' from the old server to distribute the new certificate or 'Configure or Repair Agents' on the new serve to distribute the new certificate.
0 Kudos
Reply
NJK-Work
Honored Contributor

‎03-24-2010 05:14 PM

‎03-24-2010 05:14 PM

Re: Move SIM certifcate to new server

Thanks.

BTW - I can export certificates on Windows IIS servers without any problem. This is how you get the same certicate on multiple web servers that are behind a NLB without having to create requests on each server. The trick is exporting the public and private key. If SIM could do this, my problem would be solved.

Nelson
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.