Moving SSL Certificate from IIS to Apache

This procedure will help you to move or copy your SSL certificate, installed on an IIS server to an Apache server.

Step 1: Export IIS certificate into a .PFX file

  • Run mmc.exe
  • Click the ‘Console’ menu and then click ‘Add/Remove Snap-in’.
  • Click the ‘Add’ button and then choose the ‘certificates’ snap-in and click on ‘Add’.
  • Select ‘Computer Account’ then click ‘Next’.
  • Select ‘Local Computer’ and then click ‘OK’.
  • Click ‘Close’ and then click ‘OK’.
  • Expand the menu for ‘Certificates’ and click on the ‘Personal’ folder.
  • Right click on the certificate that you want to export and select ‘All tasks’ -> ‘Export’.
  • A wizard will appear. Make sure you check the box to include the private key and continue through with this wizard until you have a .PFX file.

Step 2: Extract the private key

Export the private key file from the .PFX file.

$ openssl pkcs12 -in filename.pfx -nocerts -out key.pem

Step 3: Extract the certificate file

Export the certificate file from the .PFX file.

$ openssl pkcs12 -in filename.pfx -clcerts -nokeys -out cert.pem

Step 4: Remove the passphrase

This command removes the passphrase from the private key so Apache won’t prompt you for your passphase when it starts.

$ openssl rsa -in key.pem -out server.key

Extra Steps

Make sure that the following lines are present in your apache virtual host configuration file and they are correct:

SSLEngine on
SSLOptions +StrictRequire
SSLCertificateFile /path/to/certificate/cert.pem
SSLCertificateKeyFile /patch/to/key/server.key

Don’t forget to restart apache at the end.

0 (0)
Article Rating (No Votes)
Rate this article
Attachments
There are no attachments for this article.
Comments
There are no comments for this article. Be the first to post a comment.
Full Name
Email Address
Security Code Security Code
Related Articles RSS Feed
Automatic YUM Updates with Yum-cron
Viewed 10759 times since Fri, Oct 26, 2018
RHEL: Create a local RPM repository
Viewed 11387 times since Sun, May 27, 2018
RHEL7: Create and configure LUKS-encrypted partitions and logical volumes to prompt for password and mount a decrypted file system at boot.
Viewed 12977 times since Mon, Aug 6, 2018
How to disable SSH cipher/ MAC algorithms for Linux and Unix
Viewed 47593 times since Fri, Aug 21, 2020
An easier way to manage disk decryption at boot with Red Hat Enterprise Linux 7.5 using NBDE
Viewed 7761 times since Mon, Aug 6, 2018
Kernel sysctl configuration file for Linux
Viewed 5414 times since Fri, Aug 3, 2018
What is OS Watcher Utility and How to use it for Database Troubleshooting ?
Viewed 30442 times since Thu, Jun 21, 2018
ZPOOL: Remove an existing zpool
Viewed 2449 times since Sun, Jun 3, 2018
Easily Monitor CPU Utilization in Linux Terminal With Stress Terminal UI
Viewed 4249 times since Thu, Apr 18, 2019
6 easy steps to setup offline two factor authentication in Linux
Viewed 13504 times since Mon, Apr 6, 2020