JOIN OUR AFFILIATE NETWORK

Join our affiliate network and become a local SSL expert

♦ learn more about our program ♦
Menu
picture of tbs certificates
picture of tbs certificates
Certificates
Our products range
Partners
Support
Focus


Create a backup file of your IIS5, IIS6 or IIS7 certificate and of its private key

Thawte Standard or Wildcard users: before exporting, make sure the Thawte PCA certificate that expires in 2036 does not exist or has been deactivated: Desable Thawte PCA root (2036)

VeriSign users: before exporting, make sure the certificate VeriSign Class 3 Public Primary Certification Authority - G5 that expires in 2036 does not exist or has been deactivated:Deactivate VeriSign Class 3 Public Primary Certification Authority - G5 (2036) root

Comodo users: before exporting, make sure the certificate COMODO RSA Certification Authority that expires in 2038 does not exist or has been deactivated: Deactivate COMODO RSA Certification Authority (2038) root

Exportation of the certificate from IIS5 or IIS6 (not IIS7)

In order to save your certificate elsewhere than on this server (backup file):
  • In the start menu, select "Administrative Tool" .
  • launch IIS Manager
  • Open the properties window of the concerned website. To do so right click on it or select Properties in the menu
  • Open the "Directory Security" tab  
  • Click "View Certificate" . A window opens
  • Click the Details tab 
  • Click "copy in a file". A wizard is launched.
  • Follow the instructions to create a .pfx file


    • choose to export the private key
    • then on the next page
    • tick "enable strong protection" (do not tick the box if the certificate is not to be imported on IIS)
    • include the certification chain
      ("Include all certificates in certificate path if possible")
    • DO NOT delete the private key

  • Provide a cypherment password for this file
  • Store the .pfx file and its password in a safe place.

.PFX (PKCS12 format) exportation for every IIS versions

This .pfx can then be imported in an other server Microsoft IIS 5, 6, or IIS 7 server or in Microsoft ISA, orMicrosoft Exchange. It make the certificate move possible.

You can also convert your pfx certificate into a PEM or JKS (Java, Tomcat, ...) 

Export the certificate without using IIS (ISA, Exchange, ...): Launch the MMC

  • Click  Start then select   Run and type mmc


  • Clck on the  File menu and select   Add/Remove Snap in


  • Choose   Add, select   Certificates in the   Standalone Snap-in list then click   Add


  • Choose   Computer Account and click   Next


  • Tick   Local Computer and click   Finish


  • Close the window and click OK in the previous window



IN "certificates" >> "personal", select your certificate and right-click on it, "all tasks", "export"
  • choose to export the private key
  • then on the next page
  • tick "enable strong protection" (do not tick the box if the certificate is not to be import on IIS)
  • include the certification chain
    ("Include all certificates in certificate path if possible")
  • DO NOT delete the private key

  • provide a cypherment password for this file
  • Store the .pfx file in a safe place with its password.