Fresh Windows 2019 VM with IIS install, cant install Wildcard cert from GoDaddy

Question

So We have a single wildcard cert we use on all of our IIS servers, its successfully installed on all existing servers (windows 2016 and older)

We just spun up a new windows 2019 server (ive now rebuilt it twice) and the certificate wont install into IIS.

It installs into the system just fine, but the certificate will show up in IIS as its completed, then disappear right away and not allow for it to be selected at the binding step.

As earlier mentioned i rebuild the server twice now and have the exact same issue both times.

i can install the cert fine on a non-azure windows 2019 server with zero issues.

i would appreciate any help on this.

Allow me to clarify further since the Microsoft post wont let me respond to anything.

GoDaddy wildcard certs do not come in .pkf, wildcard certs are for *.domain.com so they are often installed on multiple locations

GoDaddy's Guide: https://www.godaddy.com/en-ca/help/manually-install-an-ssl-certificate-on-my-iis-10-server-27349 works on older versions of windows, i tested it yesterday. However it does not work on windows 2019

I have a fresh version of windows 2019, fully updated, fresh iis with no sites on it beyond the basic. no security software yet installed.

I have tried th is on 5 different versions of windows server 2019 now and they all fail to install the certificate.

Answer 1

Hi Mike Leger,

Thank you for posting in the Q&A Forums.

1. Check the certificate file

Make sure that the certificate file (usually in .crt or .pem format) and the private key file (.key or .pem format) you downloaded from GoDaddy are complete and undamaged. If the certificate chain is incomplete, the installation may also fail.

2. Importing PFX Certificates to the Windows Certificate Store

Use the Windows “Manage Computer Certificates” tool (mmc.exe) or IIS Manager to import the PFX file into the Computer's “Personal” certificate store. store. During the import process, you will be asked to enter a password (if you set one when you created the PFX file). 4.

3. Bind the certificate to the IIS site

In IIS Manager, select the site you want to bind the certificate to and click “Bind” to add a new binding. Select “https” for “Type” and then select the certificate you just imported from the “SSL Certificate” drop-down menu.

4. Check the IIS configuration

Make sure that the IIS configuration does not prevent the certificate from being used. Check that the application pool identity has sufficient privileges to access the certificate store.

5. Check the Event Viewer

If the certificate still does not work in IIS after installation, check the System Log and Application Log in the Windows Event Viewer, which may have detailed information about the certificate installation or IIS configuration errors.

6. Disable or uninstall security software

Sometimes security software (such as anti-virus software or firewalls) may prevent IIS from loading certificates correctly. Try temporarily disabling these software and see if the issue is resolved.

7. Check for updates to Windows Server 2019

Make sure your Windows Server 2019 system has all the latest updates and patches installed. Sometimes, system updates can resolve known issues related to IIS or certificates.

Best regards

NeuviJ

============================================

If the Answer is helpful, please click "Accept Answer" and upvote it.

Answer 2

I belive I havve the same or similar problem. I have a clean win 2019 server instalation and want to install a Comodo SSL certificate for a website! when I select 'complete certificate request' via a PKCS7 file ,the proses sims to complete with no errors, I imidietly see the certificate instaled and listed on the 'server sertificate list' but when I change pane going to site bindigs to find it itsnot there. going back to "server sertificate "its gone like it was never instaled!