Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Exporting an SSL certificate for Deep Security for Web Apps

    • Updated:
    • 18 Feb 2015
    • Product/Version:
    • Deep Security for Web Apps 2.0
    • Trend Micro SSL 2.0
    • Platform:
    • N/A N/A
Summary

Export or back up an SSL certificate for Web Security Apps.

Details
Public

When you export or back up an SSL certificate, the system copies the private key into an encrypted file. The private key was created on the server when the Certificate Signing Request (CSR) was generated.

 
Save the backup file to a removable media (such as a CD) and store it in a safe place.
  1. Open the Microsoft Management Console: Click Start > Programs > Windows NT 4.0 Option Pack > Microsoft Internet Information Server > Internet Service Manager.
  2. Right-click the website containing the certificate and click Properties.
  3. Click the Directory Security tab.
  4. In the Secure Communications section, click Edit.
  5. Click Key Manager.
  6. Select the key to export.
  7. On the menu bar, click Key > Export Key > Backup File.
  8. A message warns you about placing sensitive information in a file on your hard drive. Click OK.
  9. Specify the name of the file that will hold the exported key. Click Save.
  1. Create a Microsoft Management Console (MMC) Snap-in for managing certificates.

    For more information, refer to the following Microsoft articles: Export a certificate with the private key and Import a certificate.

  2. Open the Certificates (Local Computer) snap-in you added, and click Personal > Certificates.
  3. Right-click on the desired certificate and click All Tasks > Export. The Certificate Export Wizard opens.
  4. Select Yes, export the private key.
  5. Click Next.
  6. In the Export File Format window, ensure the option for Personal Information Exchange – PKCS#12 (.pfx) is selected.
  7. Select Include all certificates in the certificate path if possible. If you do not this option, your server may not recognize the issuer of the certificate, which may result in security warnings for your clients.
  8. De-select Require Strong Encryption.

    This may cause a password prompt every time an application attempts to access the private key or it may cause IIS to fail.

  9. Click Next.
  10. Enter and confirm a password to protect the PFX file and click Next.
  11. Choose a file name and location for the export file.

    Do not include an extension in your file name; the wizard automatically adds the PFX extension for you.

  12. Click Next.
  13. Read the summary and verify that the information is correct. Take note where you saved the file and ensure that the information is correct.
  14. Click Finish.
  1. Locate the private key and certificate files. The following directives in the httpd.conf point to the location of the key and certificate files:

    SSLCertificateFile … /path/to/mycertfile.crt
    SSLCACertificateFile … /path/to/intermediate.crt
    SSLCertificateKeyFile … /path/to/mykeyfile.key

     
    Depending on the version of Apache, the directive may be SSLCACertificateFile or SSLCertificateChainFile and the configuration file may be httpd.conf or ssl.conf file.
  2. Copy the .key file, both .crt files (one is the server certificate and the other is the intermediate CA certificate), and the httpd.conf file onto a CD.

    .key – private key
    .crt – server certificate
    .crt – intermediate CA certificate
    httpd.conf – Web server configuration file

  1. Locate the alias directory within the iPlanet directory.
  2. Locate the files: https < server_name > cert7.db and https key3.db.
  3. Copy the files to a CD.
  1. Type "ikeyman" on a command line on UNIX or start the Key Management utility in the IBM Websphere Server folder.
  2. On the main menu, click Key Database File > Open.
  3. In the Open dialog box, type your key database name or click the key.kdb file if you are using the default. Click OK.
  4. In the Password Prompt dialog box, type your password and click OK.
  5. Select Personal Certificates in the Key Database content frame and then click the Export/Import button on the label.
  6. In the Export/Import Key window, select Export Key.
  7. Select the key database file type.
  8. Type the file name or browse and select the location and file name, and then click OK.
  9. In the Password Prompt dialog box, type the password, and then click OK.
  10. In the Select from Key Label list, select the correct label name and click OK.
  1. Navigate to the SSL Directory where the SSL Keystore is kept. This can be a hidden directory; for example: /root/.keystore
  2. Make a copy of the keystore file in this directory. The keystore file contains your private and public keys.
Premium
Internal
Rating:
Category:
Configure; Troubleshoot; Migrate
Solution Id:
1097647
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.