Importing .pk7b file

Jack_son_
Jack_son_ used Ask the Experts™
on
I received a certificate from a certificate authority, and this it came in .pk7b format.  I tried importing and then exporting to .pfx file but only would export to .pk7b.  For IIS 6 and 7, I am not able to import it - it seems to need the.pfx file.   Does anyone know a way around this?

Thanks
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Jian An LimSolutions Architect
Top Expert 2016

Commented:
you need to get the CA to issue you pfx,

OR, you need to properly renew your IIS6/7 certificate and upload your certreq.txt to CA

Author

Commented:
I just got a wildcard but the formst is .cer
Jian An LimSolutions Architect
Top Expert 2016
Commented:
okay

a properly method to do a wildcard is


in IIS6
create a new SSL on *.domain.com
then send your certreq.txt to 3rd party CA

then download the .cer


go to IIS 6 again and use the .cer file to activate your certificate.
Software Engineer
Distinguished Expert 2018
Commented:
Look at openssl tooling for unpacking/repacking certificate info.

pkcs7 handling
http://www.openssl.org/docs/apps/pkcs7.html

pfx file are pkcs12 files:
http://www.openssl.org/docs/apps/pkcs12.html

For a service you need the Private Key + Certificate  (=IIS)
For validation you only need the Certificate.  (This is the Public Key + its CA -signature).
ParanormasticCryptographic Engineer
Commented:
the .cer is your wildcard cert file.  The P7 file is probably just the CA certificate chain - it may or may not include your cert but since you got a .cer file too it is probably just the CA chain.  You cannot export these as .pfx because you don't have the CA private keys and you're not going to.  You can export your wildcard to .pfx as you would a normal cert by selecting to include the private key - doesn't matter if you include the CA certificates or not - if you don't then just keep the P7B file with the .pfx.

If you cannot get the wildcard to export:
1) open the cert - details tab - copy the serial number value
2) open cmd prompt
3) certutil -addstore my wildcard.cer
4) certutil -repairstore my "paste serial number"
5) certutil -p PASSWORD -exportpfx "paste serial number" c:\temp\wildcard.pfx

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial