Some instructions for converting SSL certificates generated for IIS to private key, and cert files you can use on unix, or Apache for windows.
First Export your IIS certificate into a pfx file (this is something you should do anyways for backup)
- Run mmc.exe
- Click the ‘Console’ menu and then click ‘Add/Remove Snap-in’.
- Click the ‘Add’ button and then choose the ‘certificates’ snap-in and click on ‘Add’.
- Select ‘Computer Account’ then click ‘Next’.
- Select ‘Local Computer’ and then click ‘OK’.
- Click ‘Close’ and then click ‘OK’.
- Expand the menu for ‘Certificates’ and click on the ‘Personal’ folder.
- Right click on the certificate that you want to export and select ‘All tasks’ -> ‘Export’.
- A wizard will appear. Make sure you check the box to include the private key and continue through with this wizard until you have a .PFX file.
Next run openssl to extract the private key, and the cert file.
# Export the private key file from the pfx file openssl pkcs12 -in filename.pfx -nocerts -out key.pem # Export the certificate file from the pfx file openssl pkcs12 -in filename.pfx -clcerts -nokeys -out cert.pem # This removes the passphrase from the private key so Apache won't # prompt you for your passphase when it starts openssl rsa -in key.pem -out server.key