Export and import an SSL certificate to a new server
To migrate an existing certificate to a new server, we first need to export it.
- Log in on the old server through RDP
- Go to "Run" and type "MMC"
- Go to File > Add/Remove Snap-in
- Choose Add > Certificates
- Go to Personal > Certificates > Your cert > All Tasks > Export
- Export the certificate with PRIVATE KEY
- Enter a password (mandatory)
- Now we transfer the .pfx to the new server. Go to IIS7 and choose the option SSL certificates.
- Now we can reimport the certificate.
- Go to "Sites", select the appropriate site and add the HTTPS binding with the certificate.
Only proceed to this step if there is no PLESK on the serverServer with PLESK
If the server contains plesk you need to execute the following commands
Export the private key file from the pfx file
openssl pkcs12 -in filename.pfx -nocerts -out key.pem
Export the certificate file from the pfx file
openssl pkcs12 -in filename.pfx -clcerts -nokeys -out cert.pem
Remove the passphrase from the private key
openssl rsa -in key.pem -out server.key