Moving SSL Certs from IIS to Apache
I found some instructions (removed link - no longer works) for converting SSL certificates generated for IIS to private key, and cert files you can use on unix, or Apache for windows.
First Export your IIS certificate into a pfx file (this is something you should do anyways for backup)
- Run mmc.exe
- Click the 'Console' menu and then click 'Add/Remove Snap-in'.
- Click the 'Add' button and then choose the 'certificates' snap-in and click on 'Add'.
- Select 'Computer Account' then click 'Next'.
- Select 'Local Computer' and then click 'OK'.
- Click 'Close' and then click 'OK'.
- Expand the menu for 'Certificates' and click on the 'Personal' folder.
- Right click on the certificate that you want to export and select 'All tasks' -> 'Export'.
- A wizard will appear. Make sure you check the box to include the private key and continue through with this wizard until you have a .PFX file.
# Export the private key file from the pfx file openssl pkcs12 -in filename.pfx -nocerts -out key.pem # Export the certificate file from the pfx file openssl pkcs12 -in filename.pfx -clcerts -nokeys -out cert.pem # This removes the passphrase from the private key so Apache won't # prompt you for your passphase when it starts openssl rsa -in key.pem -out server.key
Like this? Follow me ↯Tweet Follow @pfreitag
Moving SSL Certs from IIS to Apache was first published on August 27, 2003.
If you like reading about ssl, certificates, iis, apache, or crypto then you might also like:
- Blocking .svn and .git Directories on Apache or IIS
- Changing the ColdFusion CFIDE Scripts Location
- How to Get a Green SSL Certificate
- IIS: Disabling Weak SSL Protocols and Ciphers
- ColdFusion wsconfig Hotfix CVE-2009-1876 is for Apache Only
- Signing Jar Files (converting pvk to p12)
Want Security Advisories via Email?
Advisory Week is a new weekly email containing security advisories published by major software vendors (Adobe, Apple, Microsoft, etc).