Install Pfx Certificate Apache Windows
PFX Files & Windows Internet Information Service 7 (IIS) A PKCS12 (PFX) file is a specially formatted file which includes the SSL Certificate, Private Key and optionally any required Intermediate CA Certificates. The file has an extension of.PFX and is compatible with Windows Internet Information Service (IIS).
I am a developer. Our server admins have given me 3 files. .cer, .pfx and .p7b and told me to install SSL in Apache Server. I have Wamp with Apache version 2.4.9. I have search and found something. I open httpd.conf file and search for DocumentRoot. After DocumentRoot I have added,
Now when I restart the apache. I am unable to navigate the server even on http. When I comment the above lines, my sites works on http.
user960567user9605672 Answers
Although this is not exactly a 'question', and you do not specify what is inside your files, you're doing at least one thing wrong: a pfx file (assuming this is not a naming error) cannot be used directly as a 'key' in Apache. When god writes your love story expanded edition pdf. Without knowing the contents of the cer and the p7b file, let's assume that the pfx has all the info we need and that you have the pfx password (you do, right?), and start from there.
Grab and install OpenSSL for Windows (Suggestion: https://indy.fulgan.com/SSL/ has precompiled binaries if you're not willing to build from sources in http://www.openssl.org/)
Extract the different files required for Apache from the pfx (you'll be prompted for the pfx password when required):
a. Extract the SSL Certificate Private Key (Encrypted) from the pfx
C:Path> openssl pkcs12 -in MyPfx.pfx -nocerts -nodes -out MyEncKey.key
b. Remove the encryption from the SSL Certificate Private Key
C:Path> openssl rsa -in MyEncKey.key -out MyKey.key
c. Extract SSL Certificate from the pfx
C:Path> openssl pkcs12 -in MyPfx.pfx -clcerts -nokeys -out MyCert.cer
d. Extract the (possibly empty) CA Certificate Chain from the pfx
C:Path> openssl pkcs12 -in MyPfx.pfx -nodes -nokeys -cacerts -out MyCAs.crt
Rebuild your httpd.conf using these lines instead of yours (note: ONLY INCLUDE THE SSLCACertificateFile line if the MyCAs.crt is not empty; you can check it with any text editor)
Your SSL Certificate will work on HTTPS Port i.e 443, You need to Redirect your traffic from Http to HTTPS for Apache you need to make You need to go to MMC to put your Certificate and then Validate that one.
Not the answer you're looking for? Browse other questions tagged sslapache-2.4windows-server-2012-r2 or ask your own question.
Transferring an SSL Certificate from a Windows server to an Apache Server
These instructions explain how to export an SSL certificate installed on a Microsoft server for importing to an Apache server. The SSL certificate file is exported as a .crt and .key file and includes the intermediate certificate. If you need your SSL certificate in a .pfx format, please see DigiCert Certificate Utility SSL Certificate Export Instructions (PFX Format).
Background
Apache servers split the SSL certificate parts into two separate files: .crt and .key files. The .crt file contains the public key file (SSL certificate file), and the .key file contains the associated private key. DigiCert provides your SSL certificate file (public key file). You use your server to generate the associated private key file as part of the CSR. You need both the public and private keys for an SSL certificate to function.
Windows servers use .pfx files that contain the public key file (SSL certificate file) and the associated private key file. So, if transferring your SSL certificates from a Windows server to Apache, you need to export the certificate in an Apache compatible format, which splits the public (.crt) and private (.key) files.
Export Prerequisites
Install Pfx Certificate Iis
To export your certificate .crt file and its .key file for apache, the SSL certificate and its corresponding private key must be on the same computer/workstation. You may need to import the certificate to the computer that has the associated private key stored on it. (e.g., the laptop/desktop computer where you created the CSR) before you can successfully export the .crt and .key files.
For help importing the certificate, see SSL Certificate Importing Instructions: DigiCert Certificate Utility.
How to Export Your SSL Certificate w/Private Key Using the DigiCert Certificate Utility
On your Windows Server from which you want to export the SSL certificate, download and save the DigiCert® Certificate Utility for Windows executable (DigiCertUtil.exe).
Run the DigiCert® Certificate Utility for Windows (double-click DigiCertUtil).
In the DigiCert Certificate Utility for Windows©, click SSL (gold lock), select the certificate that you want to export as a .pfx file, and then click Export Certificate.
In the Certificate Export wizard, select Yes, export the private key, select key file (Apache compatible format), and then click Next.
Note: If the Yes, export the private key option is grayed out (not unusable), the certificate's matching private key is not on that computer. This prevents you from being able to create the .key file for apache. To fix this problem, you will need to import the certificate to the same machine where the certificate's CSR was created. See Export Prerequisite.
In the File name box, click … to browse the location where you want to save your files.
In the Save As window, browse for and select the location where you want to save your .key and .crt files.
Provide a file name (i.e. your_domain_com.key) for your .key file, noting that your server .crt file will have the same name (i.e your_domain_com.crt).
Click Save.
In the Certificate Export wizard, click Finish.
This exports the following files that you need to copy to your Apache server:
Private Key:your_domain_com.key
Server Certificate:your_domain_com.crt
Intermediate Certificate:DigiCertCA.crtAfter you receive the 'Your certificate and key have been successfully exported' message, click OK.
Enable Certificate Files on Apache and Other Servers Using Apache Format
Install Pfx Certificate Windows 10
To enable these certificate files in Apache or other Server types that use SSL certificate files in Apache format, you need to follow the instructions for that particular server type:
For other server types that use certificate files in Apache format, please see SSL Certificate Installation Instructions & Tutorials to find the SSL certificate installation instructions for your server type.
Test Your Installation
To verify that the installation is correct, use our DigiCert® SSL Installation Diagnostics Tool and enter the DNS name of the site (i.e. www.yourdomain.com, or mail.yourdomain.com) that you are securing to test your SSL certificate.
Apache SSL Certificates, Guides, & Tutorials
Buy NowLearn More