httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joost de Heer" <>
Subject [users@httpd] Re: Migrating from IIS to Apache - how to keep the SSL certificate?
Date Tue, 22 Nov 2005 08:59:08 GMT wrote:
> Hi,
> We are considering a migration from IIS to apache2 on a win2k server. I
> got mod_ssl up and running with a self-signed sertificate but I hit the
> wall when I tried to reuse our existing certificate signed from a CA.

First export the IIS certificate:

- Go to the IIS manager, go to the website with the certificate and cloose
- Go to the tab 'Directory security'
- Click on 'View certificate' in the 'secure communications' section
- Click in the new screen on the tab 'details'
- Click on 'Export to file...'
- Select 'Yes, export the private key'
- Select only the option 'enable strong protection', and enter a password
- Give a filename
- Click on 'finish'.

Now you have a p12 certificate. Copy this certificate to your Apache machine

To get the key:
openssl pkcs12 -nocerts -in [.pfx] -out certificate.key

This asks for three passwords: first one is the export password used in
the previous step, and the second/third are the private key passwords. You
can later remove the private key password with

mv certificate.key certificate.key.encrypted
openssl rsa -in certificate.key.encrypted -out certificate.key

And to generate the cer:
openssl pkcs12 -nokeys -in [.pfx] -out certificate.cer

This is probably not the fastest way, but this is the documentation I made
for my colleagues.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message