Deploy Certificates to target web servers
Using Key Manager Plus, you can directly deploy selected certificates onto target servers. To deploy an SSL certificate to a target server,
- Navigate to SSL-->Certificates
- Select the certificates that you want to deploy to target servers by clicking on the check boxes beside them.
- Click Deploy
- In the Certificate Deployment window that opens, select the server type (Windows, Linux, MS Certificate Store, IIS) and provide the required details. The certificates are deployed in the specified servers in the specified path.
Note :
- For deployment of certificates to Windows systems, MS Certificate Store and Internet Information Services (IIS), use your domain administrator account as Key Manager Plus' service logon account.
- If you are using a domain service account to run Key Manager Plus, make sure you have configured it in your local admin group beforehand.
Deploying certificates to Windows server
- To deploy certificates on Windows server, choose the server type as Windows
- Select the Deployment type as single or multiple as per your need
- For single deployment, provide the required details: Server name, user name, password, path, certificate file name (optional), keystore file name (optional)
- For certificate deployment on multiple servers, upload a .csv file comprising the following details:
- Server name, user name, password, path, certificate file name (optional), keystore file name (optional).
- After providing the details, click Deploy. The certificate is deployed on the specified server in the specified path.
Deploying certificates to Linux server
- To deploy certificates on Linux server, choose the server type as Linux
- Select the Deployment type as single or multiple as per your need
- For single deployment, provide the required details: Server name, port (port 22 is assigned by default), user name, password, path, certificate file name (optional), keystore file name (optional)
- You can also opt for a key based authentication for password-less servers by choosing the Import Key credential type. Upload the private key associated with the required user account in the target server and provide the key passphrase.
- For certificate deployment on multiple servers, upload a .csv file comprising the following details:
- Server name, port (port 22 is assigned by default), user name, password, path, certificate file name (optional), keystore file name (optional).
- After providing the details, click Deploy. The certificate is deployed on the specified server in the specified path.
Note :
- Key based authentication option is available for single deployment type only.
- The private key uploaded during key based authentication is for one-time use only and is not stored anywhere in the Key Manager Plus database. If you wish to add it to the Key Manager Plus repository, you can manually do so by using the Import option from the SSH tab.
Deploying certificates to MS Certificate store
- To deploy certificates to MS Certificate store, choose the server type as Microsoft Certificate Store
- Select the Deployment type as single or multiple as per your need
- For single deployment, provide the required details: Server name, user name, password.
- For certificate deployment on multiple servers, upload a .csv file comprising the following details:
Server name, user name, password - After providing the details, click Deploy
- The selected certificates are deployed in Personal Certificates
Deploying certificates to Microsoft IIS server
- To deploy certificates to a Microsoft IIS server, choose the server type as Internet Information Services (IIS).
- Select the Deployment type as single or multiple as per your need.
- Then specify the name of the IIS server onto which the certificate needs to be deployed, and provide the user account credentials.
- Specify a path in the server where the certificate could be placed temporarily.
- For certificate deployment on multiple servers, upload a .csv file comprising the following details: Server name, user name, password and path.
- After providing the details, click Deploy
- Once you click deploy, the certificate is initially deployed at the path specified in your IIS server, and then moved to the Server Certificates folder.
- The certificate file is then deleted from its initial location.
- Once placed under Server Certificates, you need to bind the certificate to your corresponding website to activate SSL protection. Click here for detailed explanation on certificate binding.
- Once the binding process is complete, restart your IIS server for the certificate to take effect.
