Tired of managing certificates? Automate it with ZeroSSL   Learn about ZeroSSL Automation x

How to Move or Copy an SSL Certificate from one Server to Another

Do you have multiple servers that need to use the same SSL certificate? This is very common in an environment where a load-balancer is used to share the load of a website across several different servers. This is also becoming more common as wildcard certificates and UC SSL certificates increase in popularity because they enable a single certificate to work on multiple different domains or subdomains using SSL Host Headers.

What about when you set up a new server or switch hosting companies? How do you move the current SSL certificate to the new server? What if you need to move it to a different type of server? The answers to all of those questions are contained in the following pages. Essentially, you will export the SSL certificate from the server that it is currently installed on, move the SSL certificate to the new server, and then import it on the new server.

Keep in mind that some certificate authorities, require that you purchase a "server license" for each server that you install an SSL certificate to, even if it uses the same private key. And speaking of private keys, it is slightly less secure to copy the SSL certificate and use the same private key on a different server. If an attacker breaks into one server and gets the private key, he will be able to listen in on the connections that other servers are making.

We will assume that you have already successfully installed the SSL certificate on one web server. You will follow these steps to move or copy that working certificate to a new server:

  1. Export the SSL certificate from the server with the private key and any intermediate certificates.
  2. Convert the certificate to a different format if you are putting it on a different type of server.
  3. Import the SSL certificates and private key on the new server and configure your sites to use them.

Now on to the instructions. What would you like to do?

 

Originally posted on Sun Nov 9, 2008

Comments


Prasad Moharil(2014-12-13)

Hi Team
we are migrating our application to new Servers (2). We have decided to buy 2 server license to be installed on two server. But Domain name for the certificate will remain same (www.dslchecker.bt.com).

Now we have following queries
1. Will there any chnage in private keys
2 if So Does Client also need to certificate on there server.
3. We are doing phase wise deployment in first week we will introduce one new site with new certificate and exisitng Site with old certifictae pointing to same DNS(Domain name remain same). in secon week will will remove existing site and make both new site live.
4. in step 3 will there be any impact on Client (Customer)

Jonard Reyes(2015-09-29)

I have the same question with Prasad, if I have 2 server do I have to purchase 2 certificate? or I can order 1 cert and export this and install it on the 2nd server? Should I be installing the certificate ordered if I ordered 2 on both server? When you will you be importing cert?

SSL Shopper(2015-09-30)

Hi Jonard. Many certificate providers have an unlimited server license so don't need to purchase two of them. You can follow the instructions provided here to export the certificate from one server to the other. You will import the cert to one server first and then export it to the other. Your certificate provider should be able to help you do this if you have any questions.

Jags(2018-05-07)

after import certificate ,i getting this error NET::ERR_CERT_REVOKED

Assylum Hole(2017-02-22)

maybe look at a wildcard certificate.
*.mycompany.com

Aman Mehndiratta(2018-07-12)

HI please help me i need to transfer my SSL Certificate from Go-daddy to Silicon house i already have bought it for further 1 year for this domain
http://marvelcorporate.co/

SSL Shopper(2018-07-13)

Hi Aman,

You'll need to contact your web hosting providers to help set up the SSL or hire someone to do it for you.

Aman Mehndiratta(2018-09-07)

Thanks!

Advertisement • Hide