[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2202
  • Last Modified:

cer conversion to pfx

Hi,

We had purchased a wildcard certificate from rapidssl and installed it sucessfully on my IIS 6 server. Now i want to install that certificate on one of my appliace which only consider .pfx but when i am trying to export that certificate from MMC its not showing me private key export option. It just showing me below options.

DER encoded binary X.509
Base 64 encoded binary X.509
Cryptography message syntax standard - PKCS

Please help me on this.
0
pdixit1977
Asked:
pdixit1977
  • 7
  • 5
1 Solution
 
George SasIT EngineerCommented:
Exporting/Backing up your certificate/Private Key (to .pfx file format)

   1. Start > Run
   2. Type in MMC and click OK
   3. Go into the File Tab > select Add/Remove Snap-in
   4. Click on Certificates and click on Add.
   5. Select Computer Account > Click Next
   6. Select Local Computer > Click Finish
   7. Click OK to close the Add/Remove Snap-in window.
   8. Double click on Certificates (Local Computer) in the center window.
   9. Double click on the Personal folder, and then on Certificates.
  10. Right Click on the Certificate you would like to backup and choose > ALL TASKS > Export
  11. Follow the Certificate Export Wizard to backup your certificate to a .pfx file.
  12. Choose to 'Yes, export the private key'
  13. Choose to "Include all certificates in certificate path if possible." (do NOT select the delete Private Key option)
  14. Enter a password you will remember
  15. Choose to save file on a set location
  16. Finish
  17. You will receive a message > "The export was successful." > Click OK
  18. The .pfx file backup is now saved in the location you selected.
0
 
George SasIT EngineerCommented:
0
 
pdixit1977Author Commented:
I am aware of these processes and i already create backup or convert pfx from many certificates but with this certificate.
Between steps 11 & 12 its not giving me option to export private key, m able to see below options only.
DER encoded binary X.509
Base 64 encoded binary X.509
Cryptography message syntax standard - PKCS

however from the same web server i can backup other certificate so there is nothing wrong with certificate store or server itself.
0
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

 
George SasIT EngineerCommented:
Are you sure ou have the private key ???
Try to double click the certificate on your site and see if it says that you have the private key for it.
0
 
pdixit1977Author Commented:
how can i check it, please elaborate...
0
 
George SasIT EngineerCommented:
Double click the certificate.
See if it stands on the bottom of the window : You have a private key that corresponds to this certificate"

See example.

ssl.png
0
 
pdixit1977Author Commented:
i have checked my all public certificates and there is no private key option at given place however i m able to take backup all of them.  
0
 
George SasIT EngineerCommented:
Yes , you can take backup of the certificates , but you can only export the private key for the ones you have a private key.
0
 
George SasIT EngineerCommented:
If you don't have the private key you need to make a new CSR and request a new certificate from that CSR.
Did you imported the SSL by double clicking and selecting import  SSL or you followed the enrolment process in the IIS when you requested it ?
0
 
pdixit1977Author Commented:
this certificate was purchased 1 year back so actually i dont know how it was requested.
And yes i imported it by double clicking and selecting import SSL.
0
 
George SasIT EngineerCommented:
Well , talk with the support of the site where you bought it from and tell them you lost your private key for it.
They will explain how you can get a new one with the private key.
You need to generate a new CSR and get a new SSL.
If you generate the CSR by IIS and you did not finished the enrolment process you might still be able to do it from IIS.
Please see this article :
https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR225

0
 
pdixit1977Author Commented:
thnx
0

Featured Post

Learn to develop an Android App

Want to increase your earning potential in 2018? Pad your resume with app building experience. Learn how with this hands-on course.

  • 7
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now