Moving SSL Certificate from IIS to Apache

This procedure will help you to move or copy your SSL certificate, installed on an IIS server to an Apache server.

Step 1: Export IIS certificate into a .PFX file

  • Run mmc.exe
  • Click the ‘Console’ menu and then click ‘Add/Remove Snap-in’.
  • Click the ‘Add’ button and then choose the ‘certificates’ snap-in and click on ‘Add’.
  • Select ‘Computer Account’ then click ‘Next’.
  • Select ‘Local Computer’ and then click ‘OK’.
  • Click ‘Close’ and then click ‘OK’.
  • Expand the menu for ‘Certificates’ and click on the ‘Personal’ folder.
  • Right click on the certificate that you want to export and select ‘All tasks’ -> ‘Export’.
  • A wizard will appear. Make sure you check the box to include the private key and continue through with this wizard until you have a .PFX file.

Step 2: Extract the private key

Export the private key file from the .PFX file.

$ openssl pkcs12 -in filename.pfx -nocerts -out key.pem

Step 3: Extract the certificate file

Export the certificate file from the .PFX file.

$ openssl pkcs12 -in filename.pfx -clcerts -nokeys -out cert.pem

Step 4: Remove the passphrase

This command removes the passphrase from the private key so Apache won’t prompt you for your passphase when it starts.

$ openssl rsa -in key.pem -out server.key

Extra Steps

Make sure that the following lines are present in your apache virtual host configuration file and they are correct:

SSLEngine on
SSLOptions +StrictRequire
SSLCertificateFile /path/to/certificate/cert.pem
SSLCertificateKeyFile /patch/to/key/server.key

Don’t forget to restart apache at the end.

0 (0)
Article Rating (No Votes)
Rate this article
Attachments
There are no attachments for this article.
Comments
There are no comments for this article. Be the first to post a comment.
Full Name
Email Address
Security Code Security Code
Related Articles RSS Feed
sed Delete / Remove ^M Carriage Return (Line Feed / CRLF) on Linux or Unix
Viewed 9483 times since Thu, Feb 7, 2019
Linux – Securing your important files with XFS extendend attributes
Viewed 7229 times since Wed, Jul 25, 2018
awk printf
Viewed 14111 times since Wed, Aug 19, 2020
Jak wygenerować silne hasła jednorazowe w Linuksie?
Viewed 1891 times since Thu, May 24, 2018
How to recover error - Audit error: dispatch err (pipe full) event lost
Viewed 23061 times since Tue, Aug 6, 2019
RHEL: Retrieve and generate a unique SCSI identifier
Viewed 2581 times since Sat, Jun 2, 2018
8 Vim Tips And Tricks That Will Make You A Pro User
Viewed 2595 times since Fri, Apr 19, 2019
Setup SSL Tunnel Using Stunnel on Ubuntu
Viewed 1660 times since Fri, Sep 28, 2018
Manage Linux Password Expiration and Aging Using chage
Viewed 4158 times since Tue, Sep 11, 2018
Tcpdump Examples Linux
Viewed 5475 times since Fri, Nov 16, 2018