Solved

cer conversion to pfx

Posted on 2010-09-13
12
2,142 Views
Last Modified: 2013-12-04
Hi,

We had purchased a wildcard certificate from rapidssl and installed it sucessfully on my IIS 6 server. Now i want to install that certificate on one of my appliace which only consider .pfx but when i am trying to export that certificate from MMC its not showing me private key export option. It just showing me below options.

DER encoded binary X.509
Base 64 encoded binary X.509
Cryptography message syntax standard - PKCS

Please help me on this.
0
Comment
Question by:pdixit1977
  • 7
  • 5
12 Comments
 
LVL 13

Expert Comment

by:George Sas
ID: 33667308
Exporting/Backing up your certificate/Private Key (to .pfx file format)

   1. Start > Run
   2. Type in MMC and click OK
   3. Go into the File Tab > select Add/Remove Snap-in
   4. Click on Certificates and click on Add.
   5. Select Computer Account > Click Next
   6. Select Local Computer > Click Finish
   7. Click OK to close the Add/Remove Snap-in window.
   8. Double click on Certificates (Local Computer) in the center window.
   9. Double click on the Personal folder, and then on Certificates.
  10. Right Click on the Certificate you would like to backup and choose > ALL TASKS > Export
  11. Follow the Certificate Export Wizard to backup your certificate to a .pfx file.
  12. Choose to 'Yes, export the private key'
  13. Choose to "Include all certificates in certificate path if possible." (do NOT select the delete Private Key option)
  14. Enter a password you will remember
  15. Choose to save file on a set location
  16. Finish
  17. You will receive a message > "The export was successful." > Click OK
  18. The .pfx file backup is now saved in the location you selected.
0
 
LVL 13

Expert Comment

by:George Sas
ID: 33667320
0
 

Author Comment

by:pdixit1977
ID: 33671150
I am aware of these processes and i already create backup or convert pfx from many certificates but with this certificate.
Between steps 11 & 12 its not giving me option to export private key, m able to see below options only.
DER encoded binary X.509
Base 64 encoded binary X.509
Cryptography message syntax standard - PKCS

however from the same web server i can backup other certificate so there is nothing wrong with certificate store or server itself.
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 13

Expert Comment

by:George Sas
ID: 33671597
Are you sure ou have the private key ???
Try to double click the certificate on your site and see if it says that you have the private key for it.
0
 

Author Comment

by:pdixit1977
ID: 33671674
how can i check it, please elaborate...
0
 
LVL 13

Expert Comment

by:George Sas
ID: 33671830
Double click the certificate.
See if it stands on the bottom of the window : You have a private key that corresponds to this certificate"

See example.

ssl.png
0
 

Author Comment

by:pdixit1977
ID: 33672505
i have checked my all public certificates and there is no private key option at given place however i m able to take backup all of them.  
0
 
LVL 13

Expert Comment

by:George Sas
ID: 33672559
Yes , you can take backup of the certificates , but you can only export the private key for the ones you have a private key.
0
 
LVL 13

Expert Comment

by:George Sas
ID: 33672586
If you don't have the private key you need to make a new CSR and request a new certificate from that CSR.
Did you imported the SSL by double clicking and selecting import  SSL or you followed the enrolment process in the IIS when you requested it ?
0
 

Author Comment

by:pdixit1977
ID: 33673470
this certificate was purchased 1 year back so actually i dont know how it was requested.
And yes i imported it by double clicking and selecting import SSL.
0
 
LVL 13

Accepted Solution

by:
George Sas earned 500 total points
ID: 33674251
Well , talk with the support of the site where you bought it from and tell them you lost your private key for it.
They will explain how you can get a new one with the private key.
You need to generate a new CSR and get a new SSL.
If you generate the CSR by IIS and you did not finished the enrolment process you might still be able to do it from IIS.
Please see this article :
https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR225

0
 

Author Closing Comment

by:pdixit1977
ID: 33719616
thnx
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
OfficeMate Freezes on login or does not load after login credentials are input.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

805 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question