Image

In order to install the received ssl certificate, you need to convert it to PFX format, which is then conveniently and quickly installed in the Windows IIS service.

The PFX file contains data:

  • domain-ssl.key - Key file (----- BEGIN PRIVATE KEY -----)
  • domain-ssl.crt - The file of the certificate itself, received in the order (----- BEGIN CERTIFICATE -----)
  • domain-ssl.ca-bundle - Root certificate chain file
    (multiple root certificates (----- BEGIN CERTIFICATE -----))

Next, use the command to convert the certificate to PFX format:

pkcs12 -export -out domain-ssl.pfx -inkey domain-ssl.key -in domain-ssl.crt -certfile domain-ssl.ca-bundle

The command will require you to set a password, which we will then need to enter when installing the certificate in Windows IIS (remember it).

After successful conversion, the message Verifying will appear - this means that everything went well, namely the certificate key matches the certificate itself.

The resulting domain-ssl.pfx file must be added to the Windows IIS settings and enable the web server to work via the https protocol.

The certificate is installed.

The command is provided for Linux operating systems, in order to convert on Windows you need to install openssl.exe.

Image