SUMMARY
After you install Internet Information Services (IIS) 5.0, you may want to
import a backup key file from an older version of IIS. This allows
you to use the SSL capabilities on your new server (and replace the old
one).
Note If you are upgrading the server to IIS 5.0, this should be done for
you automatically. You will not need to export or import the private or public
key pair from the older server. It is always recommended, however, that
you keep a backup for emergency purposes.
For more information about backing up your key pairs, click the following article number to view the article in the Microsoft Knowledge Base:
185195
How to use key and certificate backup/restore utility
Before you go through this process, be sure that the common name (CN) of
the computers is the same. In other words, if your user will be typing
in https://www.widgets.microsoft.com (as an example), the common name on
the certificate needs to reflect this (in other words, it would be
www.widgets.microsoft.com). Typically, this should be the same name that
the DNS server resolves as you server.
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. All of the default security-related configuration settings in IIS 6.0 meet or exceed the security configuration settings made by the IIS Lockdown tool. Therefore, you do not need to run this tool on Web servers that are running IIS 6.0. However, if you are upgrading from a previous version of IIS, you should run the IIS Lockdown Tool before the upgrade to enhance the security of your Web server.