How to create certificate .cer file?

certificate ssl iis-7

What you've been given is a Certificate (the public part, signed by a trusted party) and the associated key (the private part). In simple terms it's the private key that allows your app to sign stuff in a way that the remote party can then validate using the public part, the certificate. Your server needs to have both linked together so that protocols like SSL\TLS can work properly.

In your case you have been given a complete pair, not just the Cert. The format you have been given it is called PEM and unfortunately Windows Certificate Manager can't import that natively (to the best of my knowledge).

The quickest way I've found to convert it is to install OpenSSL somewhere and convert the file you have to PKCS#12 format using the following command. You will need to break the file you got from the CA into two parts, one containing the certificate block called "certificate.txt" and and one containing the private key block called "key.txt":

openssl pkcs12 -export -out mycertkey.p12 -in certificate.txt -inkey key.txt

Once you have the PKCS#12 format file you can import it into Windows:

  • Open the MMC ( Start -> Run -> MMC.exe ) and then select add\remove snap-in and add in the Certificates snap in.
  • Select "Computer Account" as the context.
  • Right click the "Personal" folder and select the "Tasks>Import"
  • Find the mycertkey.p12 file you created and import the certificate and private key into the Computer's Certificate store.

Once the cert is installed you can now assign it from within IIS (this may vary a bit depending on IIS version)

  • Open you IIS Management Console and right click the domain you want to assign the certificate to.
  • Select Properties
  • Select the "Directory Security" tab, and then "Server Certificates"
  • Follow the Certificates Wizard prompts, selecting Next, then select "Assign Certificate" and then Next again.
  • Find and select the certificate you have just imported and click OK.

That should do it.


This article covers the process of creating a certificate request and installing the certificate once the signing authority (GoDaddy, Thawte, etc.) has issued your certificate.

Related

Looking for a free and reliable alternative to Norton Ghost [closed]
Easy to expand Linux software RAID 5 with XFS. Best practices?
Why would you use EAP-TTLS instead of PEAP?
Windows rsync that supports long file names, or an good alternative?
IIS 7.5 Creating self signed certificates with validation date of more than a year
What is the simplest and fastest way to transfer large file through a Windows network?
Building a WSUS server: where to start?
Concatenating files to a virtual file on Linux
How to configure a static wildcard subdomain with dnsmasq
Tool or script to detect moved or renamed files on Linux prior to a backup [closed]
Google Apps, AD and SSO
Resizing a LUKS encrypted volume