SSL Certificate Issues

**_hammondt_** · 2010-12-06 17:45:10

I'm trying to upgrade the SSL certs on our Connect server. I have requested and received a new wildcard certificate to replace our existing certificates. The problem is that I create the new cert on Windows through IIS and now have a PFX file. I have been unable to remember how to do the proper conversion to the format that Connect wants. This is one area where I think Adobe's docs have been very thin. They just say it needs to be in PEM format with both the private and public key. I have done this I believe but it does not seem to work.

Has anyone else converted a PFX into a PEM for use with Connect and can remember the proper procedure? Or at the least knows the exact specs that the cert must be?

**_tltengineer_** · 2010-12-08 17:41:55

hammondt,

You can use openssl to convert from the pfx to a pem format. I believe the command is

openssl pkcs12 -in c:\YourPfxCert.pfx -out c:\YourPemCert.pem

When you run this command, it will ask for the passphrase you specified when you created the pfx file (it may also give you the option of specifiying a new one? can't remember).

This will create a pem file that contains both the private and public key. There might be a different openssl command that will create a separate pem file for the private and public keys from the pfx file.

When you exported the SSL cert into a pfx format, did you also export the private key?

-Stanley

**_hammondt_** · 2010-12-08 19:06:29

I had tried that exact command because that's what I thought I needed to use. I exported the private key with it so that is included. I wasnt quite sure if I should include the entire certificate path or not though.

**_tltengineer_** · 2010-12-13 12:05:37

Hammondt,

The only other thing I can think of, is that you need to speciify the file location and the passphrase in the Adaptor.xml file. Perhaps that has changed for your new pem certs?

The SSL cert for our server does contain the entire certificate chain.
On windows servers you can view the contents of the PEM file using notepad. If you use wordpad, it can add extra symbols into the file which ruins the cert.

-Stanley

**_hammondt_** · 2010-12-13 12:07:53

I actually figured it out. It was a combination of a typo and getting the proper settings for the PFX to be turned into a PEM file.

**_sahaya_** · 2011-04-24 03:56:22

i think this site http://www.tucktail.com/tt/ssl-certificate-services/ might help you. try it.

#1 2010-12-06 17:45:10

SSL Certificate Issues

#2 2010-12-08 17:41:55

Re: SSL Certificate Issues

#3 2010-12-08 19:06:29

Re: SSL Certificate Issues

#4 2010-12-13 12:05:37

Re: SSL Certificate Issues

#5 2010-12-13 12:07:53

Re: SSL Certificate Issues

#6 2011-04-24 03:56:22

Re: SSL Certificate Issues

Board footer