Warning: This blog entry was written two or more years ago. Therefore, it may contain broken links, out-dated or misleading content, or information that is just plain wrong. Please read on with caution.
I recently migrated a website from a server running IIS 6.0 to one running Apache 2.2.x . While the migration of the sites was a snap, I also had to migrate the SSL certificate, and this was a little more involved. Here are the steps I used.
Note: The new server was also a Windows box so I installed the Apache binary with openssl. Your apache installation may need to be recompiled with ssl for it to function depending on your OS.
Step 1: Export .pfx file
When migrating a ssl cert from one server to another you will need both the public key files (your SSL certificate files, provided by your Issueing Authority)and the associated private keys (generated by your server at the time the CSR was generated) for the SSL certificate to function. For this reason a PFX backup is always needed to transfer an SSL server security certificate from one server to another.
Under windows do the following steps
- From the Start menu, select "Run...". Type "mmc" and hit Enter.
- Under the File menu choose Add/Remove Snap in.
- Click Add, then from the Add Standalone Snap-in panel choose Certificates, and click Add.
- Choose Computer Account and click Next, then choose Local Computer and click Finish.
- Close the Add Standalone Snap-In window by clicking Close.
- Close the Add/Remove Snap-in window by clicking Ok.
- Click the + to Expand the Certificates (Local Computer) Console Tree
- Look for the Personal directory/folder and select Certificates.
- Right Click on the Certificate you would like to backup and choose > ALL TASKS > Export
- Follow the Certificate Export Wizard to backup your certificate to a .pfx file
- Choose to 'Yes, export the private key'
- Choose to include all certificates in certificate path if possible. (do NOT select the delete Private Key option)
- Leave default settings > Enter Password (if required)
- Choose to save file on a set location eg "desktop/mysite.pfx"
- Finish, you will receive a message > Export Successful
- Copy the created pfx file to the apache server
Wednesday, November 7, 2012 at 3:40:12 AM Coordinated Universal Time
Thanks for this, had to put the IIS cert on the apache reverse proxy...followed your steps, perfect.
Thanks a lot.
Monday, February 3, 2014 at 11:53:26 AM Coordinated Universal Time
It has worked perfectly for me.
I was looking for a solution from hours,
very crear and useful!