November 22, 2007

SSL: Windows to Linux

Filed under: Technical Articles — @ 3:54 pm

Exporting an SSL Certificate from a Windows Server to a Linux Server

An SSL certificate is a digital certificate that authenticates the identity of a Web site to visiting browsers and encrypts information sent to the server via Secure Sockets Layer (SSL) technology. Encryption is the process of scrambling data into an undecipherable format (ciphertext), which can only be returned to a readable format with the proper decryption key. A certificate serves as an electronic “passport” that establishes an online entity’s credentials when doing business on the Web. When an Internet user attempts to send confidential information to a Web server, the user’s browser will access the server’s digital certificate and establish a secure connection.

An SSL certificate enables safe, easy and convenient Internet shopping. Once an Internet user enters a secure area — by entering credit card information, e-mail address or other personal data, for example — the shopping site’s SSL certificate enables the browser and Web server to build a secure, encrypted connection. The SSL “handshake” process, which establishes the secure session, takes place discreetly behind the scene without interrupting the consumer’s shopping experience. A “padlock” icon in the browser’s status bar and the “https://” prefix in the URL are the only visible indications of a secure session in progress.
By contrast, if a user attempts to submit personal information to an unsecured Web site (i.e., a site that is not protected with a valid SSL certificate), the browser’s built-in security mechanism will trigger a warning to the user, reminding him/her that the site is not secure and that sensitive data might be intercepted by third parties. Faced with such a warning, most Internet users will likely look elsewhere to make a purchase.

SSL is the de facto standard for creating a secure, encrypted link between a Web server and a browser. SSL thus ensures safe passage of sensitive information, such as credit card numbers, passwords, user names, etc. SSL is used by e-commerce Web sites as a means to protect online transactions with their customers. Once a secure connection has been established, SSL encrypts information sent from your browser to the Web server. SSL utilizes the public-and-private key encryption system.

I assume you already know how to install SSL certificates on both Linux and Windows servers. If you don’t, please get back to me so that I can give you the instructions. Here I want to give you a brief idea of how to export SSL certificates from a Windows server to a Linux server.
First, you have to get the certificate and key out of Windows in a pfx (PKCS #12) format.
Click Start, Run, then type “mmc” and hit enter.
In the leftmost menu, choose “Add/Remove Snap In”.
Click “Add”, then click “Certificates”, then OK.
When the wizard starts, choose “Computer Account”, “Local Computer” and finish out the wizard.
Once you’re finished, get back to the MMC and expand the “Certificates” node, then the “Personal” node.
Click on the “Certificates” node under “Personal” and find your certificate in the right pane.
Right click on the certificate and choose “All Tasks”, then “Export”.
When the wizard starts, choose “Yes” for exporting the private key, then select ONLY “Strong Private Key Protection” from the PFX section. You will also need to set a password and specify a location for the PFX file.
Once the PFX file has been saved, close out the MMC (don’t save the snap-in if it asks).
Get the PFX over to the Linux server somehow.
Once the PFX makes it over to the Linux server, you have to convert the PFX into a plaintext PEM file (PFX files are binary and can’t be viewed in a text editor):
openssl pkcs12 -in file.pfx -out file.pem
You will be asked for the password for the PFX (which is the one you set in the Windows wizard). Once you enter that, you will be asked for a new password. This new password is used to encrypt the private key. You cannot proceed until you enter a password that is 4 characters or longer. REMEMBER this password!
When this step is complete, you should have a PEM file that you can read in a text editor. Open the file in a text editor and copy the private key and certificate to different files. Remember to keep the dashed lines intact when you copy the certificates - this is important. There is some additional text above the key, and also between the key and certificate - this text should be ignored and should not be included in the certificate and key files.
Now that you have the key and certificate separated, you need to decrypt the private key (or face the wrath of Apache every time you restart the server). You can decrypt the private key like this:
openssl rsa -in file.key -out file.key
Yes, provide the same file name twice and it will decrypt the key onto itself, keeping everything in one file. OpenSSL will ask for a password to decrypt the key, and this is the password you set when you decrypted the PFX. If you forgot the password, you will need to start over from when you brought it over from the Windows box.
After this entire process, you will have four files: a PFX, a PEM, a KEY, and a CRT. Delete the PFX and PEM, since both still contain a copy of the private key, and use the key and certificate files to install into Apache. In case you forget the syntax, here’s what goes in the Apache configuration:
SSLEngine On
SSLCertificateFile /path/to/your/certificate
SSLCertificateKeyFile /path/to/your/privatekey
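
The copy-and-paste step that separates the key and certificate can be scripted. The following is an added example, not part of the original article: split_pem is a hypothetical helper name, the sample bundle is constructed (not a real key or certificate), and the script assumes the first certificate block in the bundle is the server certificate.

```shell
#!/bin/sh
# Split the PEM bundle written by `openssl pkcs12 -in file.pfx -out file.pem`
# into a key file and a certificate file, dropping the "Bag Attributes" text.

# split_pem BUNDLE KEY_OUT CRT_OUT   (hypothetical helper, not an OpenSSL tool)
split_pem() {
    bundle=$1 key_out=$2 crt_out=$3
    # Require exactly one private key and at least one certificate.
    nkeys=$(grep -c -e '^-----BEGIN .*PRIVATE KEY-----$' "$bundle") || true
    ncrts=$(grep -c -e '^-----BEGIN CERTIFICATE-----$' "$bundle") || true
    [ "$nkeys" -eq 1 ] || { echo "expected 1 private key, found $nkeys" >&2; return 1; }
    [ "$ncrts" -ge 1 ] || { echo "no certificate found" >&2; return 1; }
    (
        umask 077   # a newly created key file is readable by its owner only
        awk '/^-----BEGIN .*PRIVATE KEY-----$/ {keep=1}
             keep {print}
             /^-----END .*PRIVATE KEY-----$/ {keep=0}' "$bundle" > "$key_out"
    )
    chmod 600 "$key_out"   # also covers a key file that already existed
    # First certificate block only (assumed to be the server certificate).
    awk '/^-----BEGIN CERTIFICATE-----$/ {keep=1}
         keep {print}
         /^-----END CERTIFICATE-----$/ {exit}' "$bundle" > "$crt_out"
}

# Constructed sample bundle, shaped like pkcs12 output; the payloads are placeholders.
demo_dir=$(mktemp -d)
cat > "$demo_dir/file.pem" <<'EOF'
Bag Attributes
    localKeyID: 01 00 00 00
Key Attributes
    X509v3 Key Usage: 10
-----BEGIN ENCRYPTED PRIVATE KEY-----
CONSTRUCTEDPLACEHOLDERKEYDATA0000
-----END ENCRYPTED PRIVATE KEY-----
Bag Attributes
    localKeyID: 01 00 00 00
subject=/CN=www.example.com
issuer=/CN=Example Test CA
-----BEGIN CERTIFICATE-----
CONSTRUCTEDPLACEHOLDERCERTDATA000
-----END CERTIFICATE-----
EOF
split_pem "$demo_dir/file.pem" "$demo_dir/file.key" "$demo_dir/file.crt"
```

Once the key has been decrypted with the openssl rsa step above, it sits on disk unencrypted, so keep it at mode 600 and owned by the account that starts Apache (normally root).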

If you know how to install SSL certificates, it’s easy to follow the above steps.

Article Authored by Niyas

Author, Niyas, is a Systems Engineer with SupportPRO. Niyas specializes in Cpanel, Plesk and Linux servers. SupportPRO offers 24X7 technical support services to Web hosting companies and service providers.
