IIS – How to Import SSL Certificate with Text and Private Key

iisrackspacessl-certificate

I am working on moving a site from Rackspace Cloud Sites onto a server running IIS and need to get the SSL certificate imported into IIS. All I have at the moment for the SSL certificate is what Rackspace gives me.
The text of the certificate
—–BEGIN CERTIFICATE—–
etc.
—–END CERTIFICATE—–

And the text of the private key
—–BEGIN RSA PRIVATE KEY—–
etc.
—–END RSA PRIVATE KEY—–

From what I've found I need to have a .pfx file to import the certificate.
How would I get one from having the text of the certificate + the text of the key?

Best Answer

You need to combine your issued certificate and unencrypted private key into a .pfx file (PKCS#12 format) in order to import it into IIS.

Use the following OpenSSL command:

openssl pkcs12 -export -out "output.pfx" -inkey "Unencrypted_Private_Key.pem"
-in  "Issued_Certificate.cer" -certfile CACert.crt

The certificate and key files are just text files with .cer and .pem extensions, respectively.

How to decrypt an encrypted private key:

openssl rsa -in "Encrypted_Private_Key.pem" -out "Decrypted_Private_Key.pem"

See more OpenSSL commands and this helpful online SSL tool.

If your PFX file was created correctly, but you receive an error like "Connection Interrupted" when browsing SSL on your website after installing the certificate, try rebooting the server. It has worked for me in the past. If it doesn't, your private key probably does not match your certificate.

Best Answer

Use the following OpenSSL command:

How to decrypt an encrypted private key:

Related Solutions

Tomcat – Import private key and certificate into Tomcat

Ssl – Export SSL Cert from IIS and import into GlassFish keystore

Related Topic