Questionn regarding GoDaddy SSL on DUO AG is expiring soon

DorkSkyBlues · ‎02-10-2021

I have a GoDaddy SSL on IIS on my Duo Access Gateway. It expires soon. Since it hasn’t expired yet, i just need to download the SSL from Godaddy, import the new intermediate SSL cert in the server’s certificates MMC. The next step is my question. Can I just go to IIS>server name> server certificates>actions then Import? Instructions by DUO appear to just cover setting up a new DUO AG server where you Create Certificate Request then Complete Certificate Request.

DuoKristina · ‎02-11-2021

Yes, you will import your new certificate into the cert store on the Windows server like you did the first time, and then in IIS update the HTTPS site bindings to use the new certificate instead of the expiring one via the drop-down that lists the available certs.

ETA: Basically this, but in step 28 instead of creating a new binding, you edit the HTTPS/443 binding that is already there to pick the new certificate.

Duo, not DUO.

DorkSkyBlues · ‎02-11-2021

Regarding “Install your SSL certificate” Steps 17 thru 24 may be skipped since this time I did not Create (a) Certificate Request. I just downloaded the updated certificate from GoDaddy (with new validity period). Right?

DuoKristina · ‎02-11-2021

Yes, sorry, I was just referring to the steps in the “Bind the SSL certificate” section.

Duo, not DUO.

DorkSkyBlues · ‎02-24-2021

Thank you for your previous response. I still run in to an issue when after Complete Certificate Request, then browsing to the cer file, adding a friendly name and clicking ok. In Server Certificates, it then shows the original godaddy certificate which the date expiring in May 2021, and the certificate with the the renewed date expiring in 2022. When i click to server and then back to Server Certificates the expiring certificate is still there, but the new one is gone.