SSL Certificates – Best Location to Keep SSL Certificates and Private Keys on Ubuntu Servers

These are hash symlinks so that openssl (or another SSL-aware program) can find the certificates by their hash sum.

For example openssl x509 -noout -hash -in cert1.crt (cert1.crt from your listing) should output 275e5f53.

Personally, I tend to use OpenSSL for this type of work: http://www.openssl.org/

If you're not dealing with certificates everyday, however, try something along the lines of: http://www.edwinbush.com/my-tools-page/pfx-generator which will combine your Private Key and the Certificate hashes into a PFX file that you can import to your certificate keystore as follows:

1. Click Start
2. Click Run...
3. Type "mmc" and hit Enter
4. File => Add/Remove Snap-in...
5. Add Certificates 5a. Select "Computer Account" and hit Next 5b. Select "Local Computer" and hit Finish 5c. Hit OK
6. Expand the Certificates node in the tree and select Personal
7. Right click in the central pane
8. All tasks => Import => Next 8a. Browse to where you saved the PFX file and hit Next --You may need to change the 'Filetype' field to 'All Files' 8b. Check the 'Mark as Exportable' box 8c. Keep all extended properties 8d. Place this certificate into the right store automatically 8e. Hit Finish

This certificate should be available for selection within IIS now when you go to set an HTTPS binding.

Oh, and one more thing - your CA may have provided you with intermediary/root chaining certificates when the certificate was issued. Ensure you install these into the relevant stores too, otherwise you'll have issues with IE. Firefox tends to be alright.

~MBT