I installed a new SSL certificate into IIS7, removed the old certificate and setup the bindings for the new certificate - so https is now bound to the new certificate only. I restarted IIS7 (and the Windows 2008 Server itself) and checked the certificate using the commands: netsh http show sslcert This showed the new certificate only, as I expected certutil -store MY This also only showed the new certificate and not the old one, as I expected I also opened mmc and checked the certificates there and I only see the new one and not the old one. I'm also using an account with Administrator privileges. However - when I open a browser (from any computer) and go to the https site it is still using the old certificate. Even when I remove the old certificate from the browser it still gets sent the old one and not the new one. Can anyone help me work out where I'm going wrong? How can I exorcize the old phantom certificate? Many Thanks!
I assume you are hosting your site in Winhost? This means the certificate that should be updated is the one in our web server, not the one in your dev server unless you are still hosting and pointing the site to your local dev server.