Solved

cer conversion to pfx

Posted on 2010-09-13
12
2,160 Views
Last Modified: 2013-12-04
Hi,

We had purchased a wildcard certificate from rapidssl and installed it sucessfully on my IIS 6 server. Now i want to install that certificate on one of my appliace which only consider .pfx but when i am trying to export that certificate from MMC its not showing me private key export option. It just showing me below options.

DER encoded binary X.509
Base 64 encoded binary X.509
Cryptography message syntax standard - PKCS

Please help me on this.
0
Comment
Question by:pdixit1977
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5
12 Comments
 
LVL 13

Expert Comment

by:George Sas
ID: 33667308
Exporting/Backing up your certificate/Private Key (to .pfx file format)

   1. Start > Run
   2. Type in MMC and click OK
   3. Go into the File Tab > select Add/Remove Snap-in
   4. Click on Certificates and click on Add.
   5. Select Computer Account > Click Next
   6. Select Local Computer > Click Finish
   7. Click OK to close the Add/Remove Snap-in window.
   8. Double click on Certificates (Local Computer) in the center window.
   9. Double click on the Personal folder, and then on Certificates.
  10. Right Click on the Certificate you would like to backup and choose > ALL TASKS > Export
  11. Follow the Certificate Export Wizard to backup your certificate to a .pfx file.
  12. Choose to 'Yes, export the private key'
  13. Choose to "Include all certificates in certificate path if possible." (do NOT select the delete Private Key option)
  14. Enter a password you will remember
  15. Choose to save file on a set location
  16. Finish
  17. You will receive a message > "The export was successful." > Click OK
  18. The .pfx file backup is now saved in the location you selected.
0
 
LVL 13

Expert Comment

by:George Sas
ID: 33667320
0
 

Author Comment

by:pdixit1977
ID: 33671150
I am aware of these processes and i already create backup or convert pfx from many certificates but with this certificate.
Between steps 11 & 12 its not giving me option to export private key, m able to see below options only.
DER encoded binary X.509
Base 64 encoded binary X.509
Cryptography message syntax standard - PKCS

however from the same web server i can backup other certificate so there is nothing wrong with certificate store or server itself.
0
The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

 
LVL 13

Expert Comment

by:George Sas
ID: 33671597
Are you sure ou have the private key ???
Try to double click the certificate on your site and see if it says that you have the private key for it.
0
 

Author Comment

by:pdixit1977
ID: 33671674
how can i check it, please elaborate...
0
 
LVL 13

Expert Comment

by:George Sas
ID: 33671830
Double click the certificate.
See if it stands on the bottom of the window : You have a private key that corresponds to this certificate"

See example.

ssl.png
0
 

Author Comment

by:pdixit1977
ID: 33672505
i have checked my all public certificates and there is no private key option at given place however i m able to take backup all of them.  
0
 
LVL 13

Expert Comment

by:George Sas
ID: 33672559
Yes , you can take backup of the certificates , but you can only export the private key for the ones you have a private key.
0
 
LVL 13

Expert Comment

by:George Sas
ID: 33672586
If you don't have the private key you need to make a new CSR and request a new certificate from that CSR.
Did you imported the SSL by double clicking and selecting import  SSL or you followed the enrolment process in the IIS when you requested it ?
0
 

Author Comment

by:pdixit1977
ID: 33673470
this certificate was purchased 1 year back so actually i dont know how it was requested.
And yes i imported it by double clicking and selecting import SSL.
0
 
LVL 13

Accepted Solution

by:
George Sas earned 500 total points
ID: 33674251
Well , talk with the support of the site where you bought it from and tell them you lost your private key for it.
They will explain how you can get a new one with the private key.
You need to generate a new CSR and get a new SSL.
If you generate the CSR by IIS and you did not finished the enrolment process you might still be able to do it from IIS.
Please see this article :
https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR225

0
 

Author Closing Comment

by:pdixit1977
ID: 33719616
thnx
0

Featured Post

Enroll in May's Course of the Month

May’s Course of the Month is now available! Experts Exchange’s Premium Members and Team Accounts have access to a complimentary course each month as part of their membership—an extra way to increase training and boost professional development.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question