How to convert a IIS SSL certificate and Apache private Key into a PFX Certificate. So, you are in the unlikely situation of have an OpenSSL private key and a IIS PCB7 Certificate from a certificate Authority. You would like to install these two in IIS. Of course after an hour of trying to figure it out you will notice that it simply can not be done. You need to perform some conversions to turn the .cer and .key into an .pfx file. These are the steps:
  • First convert the issued certificate from the CA (its in the format of P7B mostly ending in .cer) into a pem file.
openssl pkcs7 -print_certs -in domainname.cer -out domainname.pem
  • Next, convert the pem certificate and the private key into the PFX cert.
openssl pkcs12 -export -out domainname.pfx -inkey private.key -in domainname.pem
  • The resulting domainname.pfx file can now be imported via the certificate MMC snap-in (Local Computer Account).
  • Once imported, just open the Website properties -> Directory Security Tab -> Server Certificate -> Assign an existing certificate.
  • Voila, you have just created and installed a pfx certificate from an PEM private Key and a P7B Certificate.
One last tip, if you ever have odd issues with a site not responding with an SSL certificate installed. Download and install Microsofts SSLDiag tool. It works great!
Handler : Shared memory (Apc)
Cache hits : 0 [N/A]
Cache misses : 0 [N/A]
Cache total : 0
Url added to cache : 0

Misses list