To install a SSL certificate from Apache to Microsoft IIS 7 server, perform the following steps.
Step 1: Export certificate from Apache in PKCS#12 format
- Locate the separate parts of the certificate - the private key, the server certificate and the intermediate CA certificate. They will be configured in Apache as follows (with differences for file paths and names):
- Export the certificate with the following OpenSSL command - change the file paths as appropriate:
openssl pkcs12 -export -in /path/to/ssl-cert.crt -inkey /path/to/private.key -certfile /path/to/intermediate-ca.crt -out cert-export.pfx
- Copy the resultant .pfx file to the IIS 7 server.
Step 2: Import certificate in IIS 7
- Open the IIS Manager.
- Select the server to manage on the left, double-click on Server Certificates on the right.
- Under Actions, click Import...
- Click the '...' button and browse to the .pfx file copied to the server in Part 1, select the .pfx file and click Open.
- Type the password specified when exporting the certificate in Part 1, select the option box Allow this certificate to be exported and click OK.
- The certificate should now appear in the Server Certificates window.
Step 3: Binding certificate to the web site:
- Click Start > Administrative Tools > Internet Information Services (IIS) Manager.
- Browse to your server name > Sites > Your SSL-based site.
- From the Actions pane, choose Bindings.
- In the Site Bindings window, choose Add.
- From the Add Site Bindings window, provide the binding type.
- Select the SSL certificate that will be used for this site.
- Click OK.
Step 4: Verify certificate installation
- Optional: Stop and Start your Web server prior to testing.
Note: In some cases the changes may not take place after restarting IIS Services and a re-boot is needed.
- To verify the SSL certificate installation, use the DigiCert Certificate Installation Checker