Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

cer conversion to pfx

Posted on 2010-09-13
12
Medium Priority
?
2,184 Views
Last Modified: 2013-12-04
Hi,

We had purchased a wildcard certificate from rapidssl and installed it sucessfully on my IIS 6 server. Now i want to install that certificate on one of my appliace which only consider .pfx but when i am trying to export that certificate from MMC its not showing me private key export option. It just showing me below options.

DER encoded binary X.509
Base 64 encoded binary X.509
Cryptography message syntax standard - PKCS

Please help me on this.
0
Comment
Question by:pdixit1977
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5
12 Comments
 
LVL 13

Expert Comment

by:George Sas
ID: 33667308
Exporting/Backing up your certificate/Private Key (to .pfx file format)

   1. Start > Run
   2. Type in MMC and click OK
   3. Go into the File Tab > select Add/Remove Snap-in
   4. Click on Certificates and click on Add.
   5. Select Computer Account > Click Next
   6. Select Local Computer > Click Finish
   7. Click OK to close the Add/Remove Snap-in window.
   8. Double click on Certificates (Local Computer) in the center window.
   9. Double click on the Personal folder, and then on Certificates.
  10. Right Click on the Certificate you would like to backup and choose > ALL TASKS > Export
  11. Follow the Certificate Export Wizard to backup your certificate to a .pfx file.
  12. Choose to 'Yes, export the private key'
  13. Choose to "Include all certificates in certificate path if possible." (do NOT select the delete Private Key option)
  14. Enter a password you will remember
  15. Choose to save file on a set location
  16. Finish
  17. You will receive a message > "The export was successful." > Click OK
  18. The .pfx file backup is now saved in the location you selected.
0
 
LVL 13

Expert Comment

by:George Sas
ID: 33667320
0
 

Author Comment

by:pdixit1977
ID: 33671150
I am aware of these processes and i already create backup or convert pfx from many certificates but with this certificate.
Between steps 11 & 12 its not giving me option to export private key, m able to see below options only.
DER encoded binary X.509
Base 64 encoded binary X.509
Cryptography message syntax standard - PKCS

however from the same web server i can backup other certificate so there is nothing wrong with certificate store or server itself.
0
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

 
LVL 13

Expert Comment

by:George Sas
ID: 33671597
Are you sure ou have the private key ???
Try to double click the certificate on your site and see if it says that you have the private key for it.
0
 

Author Comment

by:pdixit1977
ID: 33671674
how can i check it, please elaborate...
0
 
LVL 13

Expert Comment

by:George Sas
ID: 33671830
Double click the certificate.
See if it stands on the bottom of the window : You have a private key that corresponds to this certificate"

See example.

ssl.png
0
 

Author Comment

by:pdixit1977
ID: 33672505
i have checked my all public certificates and there is no private key option at given place however i m able to take backup all of them.  
0
 
LVL 13

Expert Comment

by:George Sas
ID: 33672559
Yes , you can take backup of the certificates , but you can only export the private key for the ones you have a private key.
0
 
LVL 13

Expert Comment

by:George Sas
ID: 33672586
If you don't have the private key you need to make a new CSR and request a new certificate from that CSR.
Did you imported the SSL by double clicking and selecting import  SSL or you followed the enrolment process in the IIS when you requested it ?
0
 

Author Comment

by:pdixit1977
ID: 33673470
this certificate was purchased 1 year back so actually i dont know how it was requested.
And yes i imported it by double clicking and selecting import SSL.
0
 
LVL 13

Accepted Solution

by:
George Sas earned 2000 total points
ID: 33674251
Well , talk with the support of the site where you bought it from and tell them you lost your private key for it.
They will explain how you can get a new one with the private key.
You need to generate a new CSR and get a new SSL.
If you generate the CSR by IIS and you did not finished the enrolment process you might still be able to do it from IIS.
Please see this article :
https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR225

0
 

Author Closing Comment

by:pdixit1977
ID: 33719616
thnx
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question