How can I convert a PFX certificate file for use with Apache on a linux server?

apache ssl
AaronJAnderson picture AaronJAnderson · Jan 8, 2012 · Viewed 188.5k times · Source

How can I convert a PFX certificate file for use with Apache on a linux server?

I created the PFX from Windows Certificate Services. The PFX contains the entire certificate chain. (Which is just a root and the main cert, no intermediate.)

Lead me, wise ones.

Answer

Matej picture Matej · Jan 8, 2012

With OpenSSL you can convert pfx to Apache compatible format with next commands:

openssl pkcs12 -in domain.pfx -clcerts -nokeys -out domain.cer
openssl pkcs12 -in domain.pfx -nocerts -nodes  -out domain.key

First command extracts public key to domain.cer.
Second command extracts private key to domain.key.

Update your Apache configuration file with: 

<VirtualHost 192.168.0.1:443>
 ...
 SSLEngine on
 SSLCertificateFile /path/to/domain.cer
 SSLCertificateKeyFile /path/to/domain.key
 ...
</VirtualHost>

Related questions

ssl_error_rx_record_too_long and Apache SSL

I've got a customer trying to access one of my sites, and they keep getting this error > ssl_error_rx_record_too_long They're getting this error on all browsers, all platforms. I can't reproduce the problem at all. …

Read More
How do you redirect HTTPS to HTTP?

How do you redirect HTTPS to HTTP?. That is, the opposite of what (seemingly) everyone teaches. I have a server on HTTPS for which I paid an SSL certification for and a mirror for which I haven't and keep around …

Read More
Do I need to convert .CER to .CRT for Apache SSL certificates? If so, how?

I need to setup an Apache 2 server with SSL. I have my *.key file, but all the documentation I've found online, *.crt files are specified, and my CA only provided me with a *.cer file. Are *.cer files the same …

Read More