|
|
- Open the Microsoft Management Console: Start > Programs > Windows NT 4.0 Option Pack > Microsoft Internet Information Server > Internet Service Manager.
- Right-click the Web site containing the certificate and select Properties.
- Click the Directory Security tab.
- In the Secure Communications section, click Edit.
- Click Key Manager.
- Select the key to export.
- On the menu bar, select Key > Export Key > Backup File.
- A message warns you about placing sensitive information in a file on your hard drive. Click OK.
- Specify the name of the file that will hold the exported key. Click Save.
Geotrust highly recommends that you save the file to a diskette or CD and store it in a safe place.
To create a Certificate Snap-in in the Microsoft Management Console (MMC) to manage your certificates, follow these steps:
- From your Web server, click Start > Run.
- Type mmc in the text box and click OK.
- From the Microsoft Management Console (MMC) menu bar, select File (in IIS 5.0) and Console (in IIS 6.0), then Add/Remove Snap-in.
- Click Add.
- From the list of snap-ins, select Certificates, and then click Add.
- Select Computer account and click Next.
- Select Local computer (the computer this console is running on), and then click Finish.
- In the snap-in list window, click Close.
- In the Add/Remove Snap-in window, click OK.
- Save these console settings for future use.
- Open the Certificates (Local Computer) snap-in you added, and select Personal > Certificates.
- The Subject field of the certificate lists the Common Name (CN). (Click Tools > Internet Options > Content to view the Common Name if you are not sure).
- Right-click on the desired certificate and select All Tasks > Export. The Certificate Export Wizard opens.
- Select "Yes, export the private key".
- Click Next.
- In the Export File Format window, ensure the option for Personal Information Exchange - PKCS#12 (.pfx) is selected.
- Select "Include all certificates in the certificate path if possible" and then click Next. (If you do not select this option, your server may not recognize the issuer of the certificate, which may result in security warnings for your clients.
- De-select Require Strong Encryption. (This may cause a password prompt every time an application attempts to access the private key or it may cause IIS to fail).
- Click Next.
- Enter and confirm a password to protect the PFX file and click Next.
- Choose a file name and location for the export file (do not include an extension in your file name; the wizard automatically adds the PFX extension for you).
- Click Next.
- Read the summary and verify that the information is correct. Pay special attention to where you saved the file. Ensure that the information is correct.
- Click Finish.
Geotrust highly recommends that you save the file to a diskette or CD and store it in a safe place.
- Locate the private key and certificate files. The following directives in the httpd.conf point to the location of the key and certificate files:
SSLCertificateFile .../path/to/mycertfile.crt
SSLCertificateKeyFile .../path/to/mykeyfile.key
- Copy the .key file, the .crt file, and the httpd.conf file onto a diskette or CD.
<filename>.key- private key
<filename>.crt - public certificate
httpd.conf - Web server configuration file
Geotrust highly recommends that you save the file to a diskette or CD and store it in a safe place.
- Locate the alias directory within the iPlanet directory.
- Locate the files: https < server_name > cert7.db and https key3.db
- Copy them.
Geotrust highly recommends that you save the file to a diskette or CD and store it in a safe place.
- Type ikeyman on a command line on UNIX or start the Key Management utility in the IBM Websphere Server folder.
- Select Key Database File from the main menu, and then select Open.
- In the Open dialog box, type your key database name or click the key.kdb file if you are using the default. Click OK.
- In the Password Prompt dialog box, type your password, and click OK.
- Select Personal Certificates in the Key Database content frame, and then click the Export/Import button on the label.
- In the Export/Import Key window, select Export Key.
- Select the key database file type.
- Type the file name or browse and select the location and file name, and then click OK.
- In the Password Prompt dialog box, type the password, and then click OK.
- In the Select from Key Label list, select the correct label name and click OK.
Geotrust highly recommends that you save the file to a diskette or CD and store it in a safe place.
-
Navigate to the SSL Directory where the SSL Keystore is kept. By default this can be a hidden directory. For example: /root/.keystore
- Make a copy of the keystore file in this directory. This contains your Private and Public keys.
Geotrust highly recommends that you save the file to a diskette or CD and store it in a safe place.
|
|
|
|