Frequently Asked Questions

Installation of SSL Certificate in Windows Azure environment is different. It requires a special password protected PFX file with Triple DES encryption. Please mention this requirement while placing request to us. We will send this special PFX file.

Installation steps are given on this blog.

If you asked for the Intranet SSL without CSR, you would have received server.pfx file on email.

1. Copy the server.pfx file to the Ubuntu machine
2. Ensure that openssl package is installed on Ubuntu
3. Run the following command:
sudo openssl pkcs12 -in server.pfx -passin pass:inetssl2 -out serverpfx.pem -nodes
This will create a serverpfx.pem file, which contains the issued certificate, two CA certificates and the private key.
4. Move the serverpfx.pem file to /etc/ssl/certs/
5. Update the permissions:
sudo chmod 644 /etc/ssl/certs/serverpfx.pem
6. Restart the Apache service:
sudo service apache2 restart

In case, you wish us to make the serverpfx.pem file, write back to us on support@intranetssl.net

Installation of SSL Certificate in Windows Azure environment is different. It requires a special password protected PFX file with Triple DES encryption. Please mention this requirement while placing request to us. We will send this special PFX file.

Installation steps are given on this blog.

Step by step instructions on how to import the SecureNT Intranet SSL Certificate PFX file in Windows IIS Server (any version). It’s a two-step process.

Step-1: How to Import the PFX File in IIS

1. From the Start menu, type MMC, and click OK
2. In the User Account Control window, click Yes
3. In the Console window, in the menu at the top, click File > Add/Remove Snap-in.
4. In the Add or Remove Snap-ins window, under Available snap-ins click Certificates and then, click Add.
5. In the Certificates snap-in window, choose Computer account and then, click Next.
6. In the Select Computer window, select Local computer: (computer this console is running on), and then, click Finish.
7. In the Add or Remove Snap-ins window, click OK.
8. From the Console window, from the Console Root folder, expand Certificates (Local Computer) (the certificate file will be in Personal or Web Hosting folder).
9. Right-click on the certificate file which you want to import and then click All Tasks > Import
10. On the Welcome to the Certificate Import Wizard page, click Next.
11. Follow the instructions to import the primary SSL certificate from the PFX file
12. On the Certificate Store page, select Automatically select the certificate store based on the type of certificate.
13. Double-check your settings and then click Finish

You should see “The import was successful” message.

Step-2: How to Enable the SSL Certificate

1. From the start menu, search for Administrative Tools, open it, and double-click on Internet Information Services (IIS) Manager.
2. Under Connections, expand your server’s name, expand Sites, and then, click the site that you want to encrypt.
3. In the Actions menu, under Edit Site, click Bindings.
4. In the Site Bindings window, click Add.
5. In the Add Site Binding window, from the drop-down lists select: HTTPS, All Unassigned, and enter port 443.
6. From the SSL certificate drop-down list, select the certificate you want to import
7. Click OK and restart your IIS server

SecureNT Intranet SSL certificate is now installed on IIS.

Following article has the steps shown with screen-shots.

How to Import the SSL Certificate w/Private Key .pfx File

Zip file sent by us has the server certificate (server.pfx) in PFX (PKCS12) format. It needs to be imported into the Tomcat/JBoss Keystore file.

To import the SecureNT Intranet SSL Certificate into the Tomcat/JBoss Keystore, use the following command.

keytool -importkeystore -deststorepass inetssl2 -destkeypass inetssl2 -destkeystore [tomcatjbosskeystorefile] -srckeystore server.pfx -srcstoretype PKCS12 -srcstorepass inetssl2 -alias [tomcat/jboss]

In the above command replace the [tomcatjbosskeystorefile] with the Tomcat/JBoss Keystore file you have on your computer.

Also Check: Tomcat keeps its configuration information in the server.xml file. Make sure Tomcat is reading the correct Tomcat/Jboss Keystore file and that port 8443 is enabled for secure connections.

If you asked for the Intranet SSL without CSR, you would have received server.pfx file on email.

1. Copy the server.pfx file to the Ubuntu machine
2. Ensure that openssl package is installed on Ubuntu
3. Run the following command:
sudo openssl pkcs12 -in server.pfx -passin pass:inetssl2 -out serverpfx.pem -nodes
This will create a serverpfx.pem file, which contains the issued certificate, two CA certificates and the private key.
4. Move the serverpfx.pem file to /etc/ssl/certs/
5. Update the permissions:
sudo chmod 644 /etc/ssl/certs/serverpfx.pem
6. Restart the Apache service:
sudo service apache2 restart

In case, you wish us to make the serverpfx.pem file, write back to us on support@intranetssl.net