Hi Ain! I guess you should be able to import the certificate on the server with mmc/certificate manager and bind it to port 443 on default website in IIS.
Regards, Tommy Edstrand
Yes, you should be able to go into SIM on the new server and apply the previous NS server configuration (NS certificates, KMS keys, etc.) onto the new NS. But that is step 10. Step 9 would still need to happen as well if you have CEM Agents as this step lets you reuse the CEM web site certificate that you had previously.
Are you using Cloud Enabled Management (CEM)?
If so, do CEM Agents have connectivity back to the SMP through VPN, or is connectivity only through CEM? If only through CEM we need to be extremely careful with any certificate changes, or it may be necessary to reinstall the CEM Agent package again on all CEM systems.
You could check IIS Bindings for port 4726 on the new server. Do you have this port bound? Is the correct certificate being used? Does it match the CEM Web site certificate listed in Certificate Management? Port 443 binding should be the NS web site certificate. Customer's sometimes make these the same 3rd party certificate, but we don't recommend that as it's less secure. By default, Port 4726 and 443 on the SMP have a different certificate, which is seen in IIS Bindings and also the Certificate Management page. (The SMP makes changes to IIS Bindings as certificates change in Certificate Management. It's not necessary or recommended to change IIS Bindings directly in IIS.)
If you'd rather have someone walk though this with you on a WebEx, please create a support case and we'd be happy to make sure everything is working and correct.
Best Regards, Roy