When we request SharePoint
server to server trust certificates from the company, we are receiving the following
two files.
Mycert.cer
Mycert.key
However, we do not receive
the pfx file that required for SharePoint servers. We has been using different
ways to construct the pfx file and I would like to summarize here in order for me
to refer in the future.
There are different
situations that we need to generate pfx certificate. The way to generate it
will depends and I’ll show two different ways.
The first situation is you have a private key with a .p7b certificate file and need to create a .pfx
file.
You could use IIS server MMC UI to create the pfx file as described here.
The second is you have received both cer and kay file, you have to generate the pfx file from scratch. You could use the following command to generate the pfx file. You MUST put the key file with same name as cer file in the same directory as described here.
You could use IIS server MMC UI to create the pfx file as described here.
The second is you have received both cer and kay file, you have to generate the pfx file from scratch. You could use the following command to generate the pfx file. You MUST put the key file with same name as cer file in the same directory as described here.
certutil -MergePFX Mycert.cer
Mycert.pfx
The third situation is you
have pfx file already imported to IIS but accidentally deleted. Now you only
have the cer file but NO key file. Here is the way to generate the pfx file.
Upload the cer file to IIS as
described in Microsoft support blog. Run the following command to restore the
pfx file.
certutil
-repairstore my "SerialNumber"
SerialNumber is the serial number that you find for the cer file uploaded.
SerialNumber is the serial number that you find for the cer file uploaded.
Now you have the cert file for SharePoint server
to use.
