{"id":721,"date":"2010-11-09T12:31:52","date_gmt":"2010-11-09T20:31:52","guid":{"rendered":"http:\/\/lianza.org\/blog\/?p=721"},"modified":"2010-11-09T12:31:52","modified_gmt":"2010-11-09T20:31:52","slug":"howto-copy-a-certificate-out-of-iis-and-into-a-coyote-traffic-management-sever","status":"publish","type":"post","link":"https:\/\/lianza.org\/blog\/2010\/11\/09\/howto-copy-a-certificate-out-of-iis-and-into-a-coyote-traffic-management-sever\/","title":{"rendered":"Howto: Copy a Certificate out of IIS and into a Coyote Traffic Management Sever"},"content":{"rendered":"<p>No one probably wants to read this, but I couldn&#8217;t find the full end-to-end walkthrough on the internet, so I figured it should be there.  Here are the steps (please suggest a faster way if you know of one!):<\/p>\n<p><strong>1. Export the Certificate using the MMC Snap In Tool<\/strong> (instructions <a href=\"http:\/\/www.digicert.com\/ssl-support\/pfx-import-export-iis-7.htm\">found here<\/a> but summarized below.<br \/>\n<br \/>\nThere are a bunch of ways to export a certificate, each of which misses various parts that you&#8217;ll need.  This makes sure you get the cert chain and the private key:<\/p>\n<ol>\n<li>Start > Run type in &#8220;MMC&#8221; and click OK<\/li>\n<li>Go into the File Tab > select Add\/Remove Snap-in<\/li>\n<li>Click on Certificates and click on Add.<\/li>\n<li>Select Computer Account > Click Next<\/li>\n<li>Select Local Computer > Click Finish<\/li>\n<li>Click OK to close the Add\/Remove Snap-in window.<\/li>\n<li>Double click on Certificates (Local Computer) in the center window.<\/li>\n<li>Double click on the Personal folder, and then on Certificates.<\/li>\n<li>Right Click on the Certificate you would like to backup and choose > ALL TASKS > Export<\/li>\n<li>Follow the Certificate Export Wizard to backup your certificate to a .pfx file.<\/li>\n<li>Choose to &#8216;Yes, export the private key&#8217;<\/li>\n<li>Choose to &#8220;Include all certificates in certificate path if possible.&#8221; (do NOT select the delete Private Key option)<\/li>\n<li>Enter a password you will remember<\/li>\n<li>Choose to save file on a set location<\/li>\n<li>Finish<\/li>\n<\/ol>\n<p><strong>2. Convert the binary pfx file into a .pem file with openssl<\/strong> (tip <a href=\"http:\/\/sycure.wordpress.com\/2008\/05\/15\/tips-using-openssl-to-extract-private-key-pem-file-from-pfx-personal-information-exchange\/\">here<\/a>, but reproduced below)<br \/>\n<code>openssl pkcs12 -in publicAndprivate.pfx -out publicAndprivate.pem<\/code><\/p>\n<p><strong>3. Strip the password out of your private key<\/strong><strong><br \/>\n<code>openssl rsa -in publicAndprivate.pem -out private.pem<\/code><\/p>\n<p><\/strong><strong>4. Put the password-less private key into your .pem file<\/strong><br \/>\nOpen your &#8220;publicAndprivate.pem&#8221; file, and replace the private key section (marked with &#8212;&#8211;BEGIN RSA PRIVATE KEY&#8212;&#8211;) with the contents of your private.pem file.<\/p>\n<p>\nThat new file now has your cert, and password-less private key for uploading into a Coyote box.  There may be a faster way (openssl may have a different combination of flags) but that did it for me.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>No one probably wants to read this, but I couldn&#8217;t find the full end-to-end walkthrough on the internet, so I figured it should be there. Here are the steps (please suggest a faster way if you know of one!): 1. Export the Certificate using the MMC Snap In Tool (instructions found here but summarized below. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[9],"tags":[],"class_list":["post-721","post","type-post","status-publish","format-standard","hentry","category-techie"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p5TCqO-bD","jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/lianza.org\/blog\/wp-json\/wp\/v2\/posts\/721","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lianza.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lianza.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lianza.org\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/lianza.org\/blog\/wp-json\/wp\/v2\/comments?post=721"}],"version-history":[{"count":0,"href":"https:\/\/lianza.org\/blog\/wp-json\/wp\/v2\/posts\/721\/revisions"}],"wp:attachment":[{"href":"https:\/\/lianza.org\/blog\/wp-json\/wp\/v2\/media?parent=721"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lianza.org\/blog\/wp-json\/wp\/v2\/categories?post=721"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lianza.org\/blog\/wp-json\/wp\/v2\/tags?post=721"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}