Skip to main content

Remediation Steps

Follow the steps below to remediate this finding on Microsoft IIS webserver.

  1. Renew the certificate before it expires.

  2. For certificates from a commercial CA, request a renewal from your CA portal and import the new certificate.

  3. In IIS Manager, go to Server Certificates and import the renewed certificate.

  4. Update the HTTPS binding to use the renewed certificate.

  5. Set up a monitoring alert (e.g., via Windows Task Scheduler or a monitoring tool) to warn 30+ days before expiry.

Back to top