PMG Web Server - Creating a certificate from IIS7

User community discussion group for Passwords Max

PMG Web Server - Creating a certificate from IIS7

Postby AuthorDirect » Wed May 23, 2018 11:30 am

The following is a summary of some of the methods used by clients to create certificates for use with PMG.

Option 1:
"Double-click the .pfx certificate to import it into the computer's certificate store, then use the Certificates MMC (for Local Computer) to access the imported certificate and Export it. Only the Base-64 format will work - the default DER encoded binary would not work for the web server. Renamed the resulting .cer file to .crt"

Option 2:
Sample batch file using OpenSSL64:

@echo Extract private key from
@echo ...
\Utils\OpenSSL64\bin\openssl.exe pkcs12 -in -nocerts -out privateKey.pem
@echo ...
@echo Remove private password and create
@echo ...
\Utils\OpenSSL64\bin\openssl.exe rsa -in privateKey.pem -out
@echo ...
@echo Extract certificate from
@echo ...
\Utils\OpenSSL64\bin\openssl.exe openssl pkcs12 -in -out

Option 3:
Create the certificate from an internal Active Directory Certificate Authority by creating a request using IIS on the server and use that to request a web server cert from my domain Certificate Authority. Once certificate has been installed, export it to .pfx and then used openssl to split out the cert and private key. Move the files to the existing location \\Servername\c$\programdata\Passwords Max for Groups\Data\web\certificates or applicable folder.
Site Admin
Posts: 611
Joined: Mon Feb 07, 2005 8:42 pm

Return to Passwords Max

Who is online

Users browsing this forum: No registered users and 2 guests