When you want to move an SSL certificate from one server to another server, you need to perform the following steps:
- Login to your old server as root user.
- Find .crt and .key files of your domain’s SSL certificate. You can use following commands for finding the files:
find / -name '*.crt' find / -name '*.key' - Generally, these two files will be located under following path:
/etc/ssl/ - So, the full file name should be as follows:
/etc/ssl/certs/YOUR_DOMAIN_NAME.crt /etc/ssl/private/YOUR_DOMAIN_NAME.key - Now, you need to run following command to export the SSL:
- openssl pkcs12 -export -out OUTPUT_FILENAME -inkey KEY_FILENAME -in CERTIFICATE_FILENAME
- Parameters should be:
- OUTPUT_FILENAME: File name with full path for generating file.KEY_FILENAME : Full path of .key file (i.e. : /etc/ssl/private/DOMAIN.key).
- CERTIFICATE_FILENAME: Full path of .crt file.(i.e.: /etc/ssl/certs/DOMAIN.crt).
- You will be asked to set a password for your file. Enter the password and re-enter it to confirm that password. This will create the .pfx file at the given path.
- Download this .pfx file to another server in which you want to install this certificate.
Notes:
- These steps are performed on CentOS 5.6. For other Linux based distributions, it would be similar.
- These steps can only be performed if you have the root access to your Linux VPS /Dedicated Server.
