Common tasks with TLS certificates

Our help contains tutorials for common tasks and operations performed with TLS Certificates.

Common tasks with TLS certificates

Migrating from Microsoft Server to Apache

If you need to use a TLS certificate across multiple physical servers, you need to export the certificate from main server and import it to the other (the new one). For detailed tutorial rea article Move a SSL certificate from Microsoft IIS 5.0, 6.0, 7.0 or 8.0 to Apache.

Migrating from Microsoft server to another Microsoft server

Export the original certificate from server (IIS) and import certificate from this PFX file to new server

This operation is simple, because you can transfer the certificate in PKCS #12 (PFX) file.

Open the MMC Console (Start and search for MMC, or use Run and type MMC) and add Snap-In module with certificates. Select My Computer in the next step and confirm.

You should see a console, where the certificates are listed in left part in folders (folders show certificates available in the system store) and the contents of every folder is shown on the right. Find the certificate you need and export it. You usually find the certificate in the Personal folder.

Export the certificate from the certificate store
Export the certificate from the certificate store

The export wizard will ask you for several options (be sure to choose to export the private key; deleting it after exporting will disable the certificate on the server - do not do it) and create a PFX file. This file contains the certificate, private key and all required CA certificates. On a new server, you can easily import the PFX file (again to your computer's storage) via MMC or simply by opening the PFX file.

Migrating from Apache server to Microsoft

When you are moving the certificate from Apache to Microsoft server, you need to join private key and certificate to a PFX file (PKCS#12).

Prepare the private key (usually saved as certificate.key), certificate file (certificate.pem) and Intermediate (intermediate.pem), then use OpenSSL to create a PFX:
openssl pkcs12 -export -out output.pfx -inkey certificate.key -in certificate.pem -certfile intermediate.pem

Then move the newly created PFX file to Windows Server, where you can import it to IIS or directly to the certificate store (MMC).

Migrating from Apache server to another Apache

In the case of transfer the TLS certificate between two Apache servers, you just need to transfer the private key and the certificate file to the second server. Then you just the target server configuration and use files from the old server.

Feel free to contact our Customer Support and ask any questions.

DigiCert Certificate Utility for Windows

We recommend the DigiCert Certificate Utility for Windows for managing TLS certificates on Windows and Windows server platform. You can do all common tasks (to make CSR, import, export certificate) and manage Code Signing certificates.

Image description