Windows servers use PKCS#12 – .pfx/.p12 files to contain the public key file (SSL Certificate) and its unique private key file. The Certificate Authority (CA) provides you with your SSL Certificate (public key file). You use your server to generate the associated private key file where the CSR was created.

You need both the public key and private keys for an SSL certificate to work properly on any system. Windows uses the pfx/p12 file to contain these two keys; therefore, if you need to transfer your SSL certificate from one server to another or store it someplace for safe keeping you need to create a .pfx/.p12 backup.

To backup, export, and move an SSL certificate from Windows Exchange  to Mac OS X perform the following steps.

Step 1:  Create an MMC Snap-in for Managing Certificates on the IIS system:

  1. Start > run > MMC.
  2. Go into the Console Tab > File > Add/Remove Snap-in.
  3. Click on Add > Click on Certificates and click on Add.
  4. Choose Computer Account > Next.
    mmc export
  5. Choose Local Computer > Finish.
    mmc export
  6. Close the Add Standalone Snap-in window.
  7. Click on OK at the Add/Remove Snap-in window.

Step 2: Export/Backup certificate to .pfx file:

  1. In MMC Double click on Certificates (Local Computer) in the center window.
  2. Double click on the Personal folder, and then on Certificates.
  3. Right Click on the Certificate you would like to backup and choose > ALL TASKS > Export
  4. Follow the Certificate Export Wizard to backup your certificate to a .pfx file.mmc export
  5. Choose to ‘Yes, export the private key
    mmc export
  6. Choose to “Include all certificates in certificate path if possible.” (do NOT select the delete Private Key option)
    mmc export
  7. Enter a password you will remember.
  8. Choose to save file on a set location.
  9. Click Finish.
    mmc export
  10. You will receive a message > “The export was successful.” > Click OK.
  11. The .pfx file backup is now saved in the location you selected and is ready to be moved or stored for your safe keeping.

Step 3: Installing your PKCS#12 .pfx/.P12 file on Mac OS X

  1. To open Keychain Access, start by clicking on Go in the Finder menu and the select Utilities.
  2. When the Utilities window opens up, look for and click on the icon named Keychain Access.
    Note: Alternatively, you can open the Keychain Access by typing “Keychain Access” in the Spotlight search field at the top.
  3. Within the Keychain Access menu select File > click  Import Items.
    MAC OS X KeyChain Access
  4. Browse to the .p12 or .pfx file that you want to import and open it.
  5. In the Add Certificates window select System in the Keychain drop-down and click Add.
    Mac OS X Adding System Certificate
  6. Enter your admin password to authorize the changes and click Modify Keychain.
    Mac OS X Keychain Access password
  7. Enter the password that you created when you created your .p12/.pfx file
    Mac OS X pfx password

Congrats you have just imported your SSL Certificate .p12/pfx file.

Step 4: Assigning a New Certificate to Services:

  • To Assign to a WebSite: 
    1. Open the server admin.
    2. Navigate to Web > Security > Enable Secure Socket Layer (SSL).
    3. Select the certificate issued to your site from the drop-down menu to assign the services.
    4. Restart the site.
  • To Assign to a Mail Service:
    1. Open the server admin.
    2. Navigate to Settings > Advanced > Security.
    3. Assign the SSL Certificate to SMTP or IMAP Services.

Your SSL certificate should now be installed and configured on the website or mail service.

If you are unable to use these instructions for your server, Acmetek recommends that you contact either the vendor of your software or the hosting organization that supports it.

Apple Support:

For support refer to Mac

LoadingAdd to favorites

About SSLSupportDesk:

SSLSupportDesk is part of Acmetek who is a trusted advisor of security solutions and services. They provide comprehensive security solutions that include Encryption & Authentication (SSL), Endpoint Protection, Multi-factor Authentication, PKI/Digital Signing Certificates, DDOS, WAF and Malware Removal. If you are looking for security look no further. Acmetek has it all covered!

Contact an SSL Specialist to get a consultation on the Website Security Solutions that can fit your needs.

Become a Partner and create additional revenue stream while the heavy lifting for you.