Converting an x509 SSL certificate from a Linux node into one usable for IIS on Windows
I don’t know how many other people out there might ever need to do something like this. Say you have a Linux web server using an SSL certificate, and you need to put that same certificate onto a Windows server for use with IIS. Here is how you would accomplish it.
You’ll need the openssl tool on your Linux node to do this.
- Put the contents of the public SSL cert and the private key into one file. Easiest way to do this would be to cat the public cert and append to a new file. Then cat the private key and append to that same file. For the purposes of the next steps, we’ll call this new file ‘newcert.crt’.
- Now, run: openssl pkcs12 -export -in newcert.crt -out iiscert.p12 -name “My Certificate”
- Where ‘newcert.crt’ is the file that we created in the first step, and ‘iiscert.p12′ is the file that will be imported into IIS
- Securely (i.e. scp or something that won’t send the file in clear text – it contains your private key!) copy the iiscert.p12 file to the IIS server you’ll be using it on.
- Use the certificates MMC to import the iiscert.p12 file into the Personal certificate store for the computer object.
- Now use IIS to configure the default web page and replace the current certificate with the new one that was just imported.
Voila! Now you have a cross-platform SSL cert you can use.
