Error: "Cannot find the certificate request associated with this certificate file. A certificate request must be completed on the computer where it was created" when installing certificate using Microsoft IIS 7.0 or 7.5

Solution ID:    SO21575    Updated:    07/27/2016

Problem

When installing an SSL certificate using Microsoft IIS 7.0 or 7.5 on Windows Server 2008 / 2008R2, the following error may occur:

Cause

This error occurs because IIS Manager performs a lookup operation to search for the friendly name of the certificate during installation. However, the code that performs this lookup operation misses this specific case, and it does not know how to retrieve the friendly name of a certificate in a PKCS#7 file. Therefore, the lookup operation fails, and the error message is displayed.

Solution

To resolve this problem, verify if the certificate was installed by performing the following steps:

Step 1: Create a Certificate snap-in within the MMC on the server

  1. Click Start > Run > type MMC
  2. From the Microsoft Management Console (MMC), click  File > Add/Remove Snap-in
  3. From the list of snap-ins, select Certificates
  4. Click Add
  5. Select Computer Account
  6. Click Next
  7. Select Local Computer (the computer this console is running on)
  8. Click Finish
  9. In the Add/Remove Snap-in window, click OK


Step 2: Locate the SSL certificate

  1. Go to Personal > Certificates
  2. Right-click the SSL Certificate
  3. Select Properties
  4. Enter a Friendly Name value
  5. Click Apply, then click OK
  6. Go back to Personal > Certificates
  7. Double-click on the SSL certificate

On the General tab, under the validity dates, there should be a key icon with the following message:
 
"You have a private key that corresponds to this certificate"

If this is present, close the certificate and the MMC and proceed to Step 3. If there is no reference to the private key, please refer to the instructions referenced at the following knowledge base solution, to restore the private key.


Step 3: Bind the SSL certificate to the appropriate web site in IIS

  1. Click Start > Administrative Tools > Internet Information Services (IIS) Manager
  2. Browse to [Server name] > Sites > [Site for installation]
  3. From the Actions pane, choose Bindings
  4. In the Site Bindings window, choose Add (or Edit if an https binding already exists)
  5. From the Add/Edit Site Bindings window, select the binding type: https
  6. Select the SSL certificate that will be used for the site
  7. Click OK

 

Disclaimer:

RapidSSL has made efforts to ensure the accuracy and completeness of the information in this document. However, RapidSSL makes no warranties of any kind (whether express, implied or statutory) with respect to the information contained herein. RapidSSL assumes no liability to any party for any loss or damage (whether direct or indirect) caused by any errors, omissions, or statements of any kind contained in this document.  Further, RapidSSL assumes no liability arising from the application or use of the product or service described herein and specifically disclaims any representation that the products or services described herein do not infringe upon any existing or future intellectual property rights. Nothing herein grants the reader any license to make, use, or sell equipment or products constructed in accordance with this document. Finally, all rights and privileges related to any intellectual property right described herein are vested in the patent, trademark, or service mark owner, and no other person may exercise such rights without express permission, authority, or license secured from the patent, trademark, or service mark owner. RapidSSL reserves the right to make changes to any information herein without further notice.

Contact Support

US Support:

Order Processing

Technical Support

European Support:

Order Processing

Technical Support

SSL digital certificates sales live chat.

Find Answers


Search Tips