[EMAIL PROTECTED] wrote: > Hi, > > We are considering a migration from IIS to apache2 on a win2k server. I > got mod_ssl up and running with a self-signed sertificate but I hit the > wall when I tried to reuse our existing certificate signed from a CA.
First export the IIS certificate: - Go to the IIS manager, go to the website with the certificate and cloose 'properties' - Go to the tab 'Directory security' - Click on 'View certificate' in the 'secure communications' section - Click in the new screen on the tab 'details' - Click on 'Export to file...' - Select 'Yes, export the private key' - Select only the option 'enable strong protection', and enter a password - Give a filename - Click on 'finish'. Now you have a p12 certificate. Copy this certificate to your Apache machine To get the key: openssl pkcs12 -nocerts -in [.pfx] -out certificate.key This asks for three passwords: first one is the export password used in the previous step, and the second/third are the private key passwords. You can later remove the private key password with mv certificate.key certificate.key.encrypted openssl rsa -in certificate.key.encrypted -out certificate.key And to generate the cer: openssl pkcs12 -nokeys -in [.pfx] -out certificate.cer This is probably not the fastest way, but this is the documentation I made for my colleagues. Joost --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
