On my IIS server, there are two certificates. One is issued by a real CA based on my request and is used as the SSL cert on the server's website. The other is a self-signed certificate with the name "WMSCV-SHA2-webserver". This doesn't expire for another 9 years but I do have a requirement to configure my IIS server to only use certs from an approved CA (which the other certificate fulfills).
Looking around within IIS, it's not clear to me exactly what this cert does. While it shows up in the IIS Certificates console (as well as the Personal store found via MMC), I'm not finding anywhere that this cert is actually used – the only place I've had to manually assign a cert is in SSL site bindings (and we only have the one website).
Google turns up instances of people talking about certs like this, but little in the way of what it's for. That a few users are directed to actually generate one that ends up with that name, however, leads me to believe there may be some IIS function that I do not currently understand that relies on this certificate.
What is the function of this SHA-2 cert, and where can I find if it is used? Is it safe to simply remove the certificate?
Best Answer
That certificate was generated when you install IIS Remote Management Service, and you can remove it if you don't need that,
Reference