IIS stuck with old SSL certificate despite deleting it from the server

Recently one of our clients asked us to configure RemoteApp publishing on a Windows 2012 server. After all the RemoteApp settings were configured, it failed with a certificate error, because RemoteApp requires a valid, trusted certificate to be installed so that clients can open the applications from their desktop icons.

We went ahead and generated a self-signed certificate on the RemoteApp server and assigned it to the required sites in IIS by editing the binding settings (refer to the screenshot below). However, despite these changes, the server kept presenting the old server certificate, and hence RemoteApp wasn't able to connect. I even deleted the old server certificate from the server and rebooted the server, but it still kept presenting the old certificate.

I researched further and found the following commands to check the installed certificates on the server and delete them as needed. The following command, run from a command prompt, displays the certificates installed on a server:

netsh http show sslcert

As we can see in the screenshot above, this command revealed that the old certificate (which I had already deleted from the server) was still present on the server. The old and new certificates can be told apart by their certificate hash values.

I used the following command, run from a command prompt, to delete the stale certificate that was no longer required:

netsh http delete sslcert ipport=[::]:443

(Replace the ipport value with the one you need.)

After this SSL certificate was deleted, we ran the following command again and validated that it's showing only...
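The PowerShell below is an added example, not code from the original post. It parses `netsh http show sslcert` output and flags entries whose certificate hash no longer matches any certificate in the store, which is the stale state described above. The function names, sample output and thumbprints are constructed for illustration, and it assumes English-language netsh labels and certificates kept in the LocalMachine\My store.

```powershell
# Added example: find HTTP.sys SSL bindings whose certificate hash is not
# in the certificate store. Function names and sample data are constructed.

function Get-SslBinding {
    param([string[]]$NetshOutput)
    $current = $null
    foreach ($line in $NetshOutput) {
        # Each binding starts with an "IP:port" (or SNI "Hostname:port") line.
        if ($line -match '^\s*(IP:port|Hostname:port)\s*:\s*(\S+)\s*$') {
            if ($current) { $current }   # emit the previous binding
            $current = [pscustomobject]@{ Endpoint = $Matches[2]; Hash = $null }
        }
        elseif ($current -and $line -match '^\s*Certificate Hash\s*:\s*([0-9a-f]+)\s*$') {
            $current.Hash = $Matches[1].ToUpperInvariant()
        }
    }
    if ($current) { $current }           # emit the last binding
}

function Find-StaleSslBinding {
    param([string[]]$NetshOutput, [string[]]$StoreThumbprints)
    # Normalise case so hashes and thumbprints compare reliably.
    $known = @($StoreThumbprints | Where-Object { $_ } |
        ForEach-Object { $_.ToUpperInvariant() })
    Get-SslBinding -NetshOutput $NetshOutput |
        Where-Object { $_.Hash -and ($known -notcontains $_.Hash) }
}

# Constructed sample of `netsh http show sslcert` output (not real hashes).
$sample = @'
SSL Certificate bindings:
-------------------------

    IP:port                      : 0.0.0.0:443
    Certificate Hash             : 1111111111111111111111111111111111111111
    Certificate Store Name       : MY

    IP:port                      : [::]:443
    Certificate Hash             : 2222222222222222222222222222222222222222
    Certificate Store Name       : MY
'@ -split "`r?`n"

# Constructed store contents: only the first certificate still exists.
$store = @('1111111111111111111111111111111111111111')
Find-StaleSslBinding -NetshOutput $sample -StoreThumbprints $store |
    ForEach-Object { "Stale binding: $($_.Endpoint) -> $($_.Hash)" }

# On a real server (elevated prompt), use live data instead:
#   $live  = netsh http show sslcert
#   $store = (Get-ChildItem Cert:\LocalMachine\My).Thumbprint
```

Any endpoint it reports is a candidate for the `netsh http delete sslcert ipport=...` step from the post; rerun the check afterwards to confirm only the intended hash remains.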

Restoring missing Private key of a certificate

It wouldn't be entirely incorrect to suggest that Microsoft's certificate infrastructure, or Public Key Infrastructure (PKI), isn't among the easier technologies from the Microsoft stable. But as you learn it, you will find it to be one of the most logical technologies. Either way, today's article is not about understanding PKI; it's more about implementing it in our daily technological needs.

Nowadays, in order to be encrypted or secured, most applications have a certificate installed in them, and once a year that certificate needs to be renewed. The renewal process is quite simple. If you have access to the previous host, or basically want to renew the existing certificate, simply request the certificate authority (like VeriSign, GoDaddy, etc.) to renew the certificate, download the fresh certificate and install it on the server. Or you may want to redo the whole process, where we once again generate a request from the client and submit it to the certificate authority (like GoDaddy); they issue us a certificate and we install it on the server.

Unfortunately the task does not end there: we also have to assign this certificate to the application for which we installed it, like IIS or Exchange. One daunting issue which I have seen is that, despite the fact that we have installed the certificate in the server's computer store (the place where all the certificates installed on a computer are visible) and we can very well see it, you are either getting an error like "Certificate not found" via the CLI, or if via GUI the...