httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From v...@exemail.com.au
Subject Re: [users@httpd] Migrating from IIS to Apache - how to keep the SSL certificate?
Date Tue, 22 Nov 2005 05:29:33 GMT
Got it! Procedure:

1. Export the certificate from IIS as a .pfx file: Properties of the web
site->Directory Security -> View Certificate -> Details -> Copy to file ->
Next -> Export the private key + Next -> Next -> blank password + next ->
<hostname> + next -> Finish

This creates file <hostname>.pfx with the certificate and the private key.

2. openssl pkcs12 -in <hostname>.pfx -out <hostname>.pem -nodes

3. openssl rsa -in <hostname>.pem -out <hostname>.key

<hostname>.key is the file I was after.

4. To get the "chain of trust" from the CA*.crt files supplied by the CA:

openssl x509 -in CA01.crt -text > trust_bundle.pem
openssl x509 -in CA02.crt -text >> trust_bundle.pem
openssl x509 -in CA03.crt -text >> trust_bundle.pem
...

5. httpd.conf:

<VirtualHost <hostname>:443>
servername <hostname>
SSLEngine On
SSLCACertificateFile conf/ssl/trust_bundle.pem
SSLCertificateFile conf/ssl/<hostname>.crt
SSLCertificateKeyFile conf/ssl/<hostname>.key
</VirtualHost>



I hope this will be helpful to somebody.


Regards

Vesselin




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message