Step 1: Export the cert in Windows machine
- Click Start, Run, then type “mmc” and hit enter.
- In the leftmost menu, choose “Add/Remove Snap In”.
- Click “Add”, then click “Certificates”, then OK.
- When the wizard starts, choose “Computer Account”, “Local Computer” and finish out the wizard.
- Once you’re finished, get back to the MMC and expand the “Certificates” node, then the “Personal” node.
- Click on the “Certificates” node under “Personal” and find your certificate in the right pane.
- Right click on the certificate and choose “All Tasks”, then “Export”.
- When the wizard starts, choose “Yes” for exporting the private key, then select ONLY “Strong Private Key Protection” from the PFX section. You will also need to set a password and specify a location for the PFX file.
- Once the PFX file has been saved, close out the MMC (don’t save the snap-in if it asks).
- Copy the PFX over to the Linux server via FTP.
Step 2: Convert pfx and get private key and cert separately.
Assuming the filename that you copied from your windows machine is certificate.pfx and you have already copied the file over to your linux machine, run the below commands in your linux machine
- openssl pkcs12 -in certificate.pfx -out temp.pem
- Open the file in a text editor and copy the private key and certificate to different files (private.key certificate.crt respectively).
- openssl rsa -in private.key -out private.key