Merge private key with certificate using OpenSSL

I had an issue where I needed to replace the current SSL certificate on Exchange 2010 with the same certificate that had additional SAN names added.  Unfortunately, the certificate I was provided was not signed by the provider’s (GoDaddy in this case) private key so the certificate could not be directly imported.  I used OpenSSL to sign the certificate with the provided private key and was able to import the certificate into Exchange successfully after creating a temporary certificate to assign the services while I removed the existing certificate to import the newly created one.

Using OpenSSL, run the following command to sign the certificate with the provided private key:

openssl pkcs12 -export -in -inkey server.mydomain.key -out mycertificate.pfx


Leave a Reply

Your email address will not be published.