Category Archives: SSL

Godaddy, SSL

๐Ÿ›ก๏ธ SSL Renewal โ€” IIS + GoDaddy

Leave a comment

๐Ÿ›ก๏ธ Kapothi SSL Renewal Ritual โ€” IIS + GoDaddy

Date: 2025-11-11

Domain: oa.kapothi.com

Status: โœ… Successfully installed renewed SSL certificate

๐Ÿ“ฆ Files received from GoDaddy

  • Server certificate: yourdomain.crt
  • Intermediate chain: gd-g2_iis_intermediates.p7b
  • Alternate format: yourdomain.pem

๐Ÿ”ง Step-by-step ritual

  1. Convert CRT to CER: Open .crt โ†’ Details tab โ†’ Copy to File โ†’ Baseโ€‘64 encoded X.509 (.CER) โ†’ Save as oa.kapothi.com.cer.
  2. Complete certificate request: IIS Manager โ†’ Server Certificates โ†’ Complete Certificate Request โ†’ Select oa.kapothi.com.cer โ†’ Store as Web Hosting.
  3. Import intermediate chain: MMC โ†’ Intermediate Certification Authorities โ†’ Certificates โ†’ Import gd-g2_iis_intermediates.p7b.
  4. Bind certificate: IIS Manager โ†’ Site โ†’ Bindings โ†’ HTTPS โ†’ Edit โ†’ Select the new certificate โ†’ Save.

๐Ÿงช Verification chants

# PowerShell Commands

# Check Web Hosting store (IIS-managed certs)
Get-ChildItem Cert:\LocalMachine\WebHosting | Select Subject, HasPrivateKey, Thumbprint, NotAfter

# Check all stores for certainty
Get-ChildItem Cert:\LocalMachine\* | Where-Object { $_.Subject -like "*kapothi.com*" } | Select PSParentPath, Subject, HasPrivateKey, Thumbprint, NotAfter

๐Ÿ“œ Legacy capsule metadata

  • Thumbprint (current): [insert new thumbprint]
  • Validity (NotAfter): [insert expiry date]
  • Chain: Go Daddy Secure Certificate Authority โ€“ G2 โ†’ Go Daddy Root Certificate Authority โ€“ G2 โ†’ Go Daddy Class 2 CA
  • Binding: IIS HTTPS, Web Hosting store

๐Ÿ•ฏ๏ธ The scroll is forged, the chain is whole, and the shrine sings without resistance.