moves ssl cert from windows

rickoneil

Registered
Jul 21, 2007
3
0
51
and doesn't seem to work:
did this:

Run mmc.exe
Click the 'Console' menu and then click 'Add/Remove Snap-in'.
Click the 'Add' button and then choose the 'certificates' snap-in and click on 'Add'.
Select 'Computer Account' then click 'Next'.
Select 'Local Computer' and then click 'OK'.
Click 'Close' and then click 'OK'.
Expand the menu for 'Certificates' and click on the 'Personal' folder.
Right click on the certificate that you want to export and select 'All tasks' -> 'Export'.
A wizard will appear. Make sure you check the box to include the private key and continue through with this wizard until you have a .PFX file.
Next run openssl to extract the private key, and the cert file. # Export the private key file from the pfx file
openssl pkcs12 -in filename.pfx -nocerts -out key.pem
# Export the certificate file from the pfx file
openssl pkcs12 -in filename.pfx -clcerts -nokeys -out cert.pem
# This removes the passphrase from the private key so Apache won't
# prompt you for your passphase when it starts
openssl rsa -in key.pem -out server.key

so the url https://site.com doesnt work,

anyone know how to fix this or just remoce the cert and try again (or buy another one)

thanks

rick
 

cPanelDavidG

Technical Product Specialist
Nov 29, 2006
11,212
13
313
Houston, TX
cPanel Access Level
Root Administrator
and doesn't seem to work:
did this:

Run mmc.exe
Click the 'Console' menu and then click 'Add/Remove Snap-in'.
Click the 'Add' button and then choose the 'certificates' snap-in and click on 'Add'.
Select 'Computer Account' then click 'Next'.
Select 'Local Computer' and then click 'OK'.
Click 'Close' and then click 'OK'.
Expand the menu for 'Certificates' and click on the 'Personal' folder.
Right click on the certificate that you want to export and select 'All tasks' -> 'Export'.
A wizard will appear. Make sure you check the box to include the private key and continue through with this wizard until you have a .PFX file.
Next run openssl to extract the private key, and the cert file. # Export the private key file from the pfx file
openssl pkcs12 -in filename.pfx -nocerts -out key.pem
# Export the certificate file from the pfx file
openssl pkcs12 -in filename.pfx -clcerts -nokeys -out cert.pem
# This removes the passphrase from the private key so Apache won't
# prompt you for your passphase when it starts
openssl rsa -in key.pem -out server.key

so the url https://site.com doesnt work,

anyone know how to fix this or just remoce the cert and try again (or buy another one)

thanks

rick
Just want to make sure: after you converted that certificate, did you apply those certificate and key files to that domain?

You can do this via WHM -> SSL/TLS -> Install a SSL Certificate and Setup the Domain.
 

rickoneil

Registered
Jul 21, 2007
3
0
51
after i imported it i didnt see it in the 'Install a SSL Certificate and Setup the Domain' area

now i think i screwed up because i generated a new set and thats seems to be what it sees now....

how can i clear both and start over, and what are the steps in WHM to accomplish the clearing of the failed import and the unneeded new set that i did.

is there a procedure to import the cert different from my posted method, or will the posted method work and what can i do to get it installed properly...
 

cPanelDavidG

Technical Product Specialist
Nov 29, 2006
11,212
13
313
Houston, TX
cPanel Access Level
Root Administrator
after i imported it i didnt see it in the 'Install a SSL Certificate and Setup the Domain' area

now i think i screwed up because i generated a new set and thats seems to be what it sees now....

how can i clear both and start over, and what are the steps in WHM to accomplish the clearing of the failed import and the unneeded new set that i did.

is there a procedure to import the cert different from my posted method, or will the posted method work and what can i do to get it installed properly...
In WHM, you can simply overwrite the old crt and key with the new data for the crt and key.

Unfortunately, I am not familiar with the procedures for migrating a certificate from IIS to Apache/*nix.