SYSTEM ADMIN BOOK
  • Hardware/Physical Machines
    • Physical Networking
      • Patch Panel
    • Hardware Devices
    • PC Build
  • System Configuration
    • Windows
      • OneDrive for Business, Map as Network Drive in Windows
      • PDF Printer
      • Reset Windows Password
    • Linux
    • Mac
      • Factory Reset Mac Mini
      • Install FortiClient VPN
      • Remove FortiClient VPN for Macs
      • Setting Microsoft Teams Notifications in MacOS
      • Download and Install Whatsapp
  • Windows Server
    • Basic Configurations
      • Change Hostname
      • Change Default RDP Port
      • Create a User
      • Add user to Administrator group
      • Add user to Remote Desktop Users group
      • Allow Multiple Remote Desktop Connections
      • Enable Insure Guest Authentication
      • Shrink Partition
      • Extend Partition
    • FTP Server
      • Install FTP Server (IIS)
      • Create User Group
      • Add FTP Site (IIS)
      • User Isolation
      • Allow Firewall
      • FTP Client (FileZilla)
      • FTP Server (FileZilla)
    • Group Policy
      • Block Access to the Control Panel for All Users
      • Create a Logon Banner (Legal Notice)
      • Enable / Disable Copy-Paste Policy
      • Disable Shutdown, Restart Options
      • Disable Multiple Session for Single User
    • Services
      • NSSM - the Non-Sucking Service Manager
    • Task Scheduler
  • Control Panels
    • Plesk
      • Set Hard Quota on disk space for subscription(s)
      • Changing MX, A, and CNAME Records
    • SolidCP
    • cPanel
  • Virtualization
    • Proxmox VE
      • Introduction
      • Download Proxmox ISO
      • Prepare Installation Media
      • Launch Proxmox Installer
      • Create a VM
  • Web Servers
    • IIS
      • Install IIS
      • Configure Default Site
      • Application Pool
      • Installing PHP
      • Deploying a Laravel app on Windows using IIS
      • Update PHP Version in IIS
  • VPN/Proxy Servers
    • Reverse Proxy
      • IIS - Node.js Application
  • Database Servers
    • MS SQL
      • Download and Install
      • Install SSMS
      • Enable SA Account
      • Change SA Account Password
      • Enable Network Access to SQL Express
      • Create and configure a user in MSSQL
  • Web Dev Stacks
  • IT Ticketing Systems
    • Jira Ticketing System
  • Linux Servers
  • AWS Environment
  • Azure Environment
  • Backup and Security
    • SSL Certificates
      • Types of SSL Certificates
      • IIS 10: Create CSR and Install SSL Certificate
      • IIS 7: Generate CSR for Wildcard SSL
      • IIS: Generate CSR for Multi-Domain SSL
      • OpenSSL: Generate CSR
      • IIS 10: How to Install and Configure Your SSL Certificate on Windows Server
      • IIS: Export Pfx using MMC
      • IIS: Import Pfx using MMC
      • IIS: Export Pfx using IIS Manager
      • IIS: Import Pfx using IIS Manager
      • cPanel: Export PFX
      • Godaddy-CPanel: Generate a CSR
      • Godaddy-CPanel: Install SSL Certificate
      • cPanel: Generate CSR
      • cPanel: Install SSL Certificate
      • cPanel: Install Let's Encrypt SSL
      • Plesk: Generate CSR
      • Plesk: Let's Encrypt SSL Installation
      • Plesk: Installing the SSL certificate
      • Plesk: Export Public & Private Key
      • Win-ACME Let's Encrypt SSL
      • Certbot - Install SSL
      • Export Leaf, Root, and Intermediate Files
    • Backup
      • Database
        • MS SQL DB Backup
        • MS SQL Restore Backup
    • Microsoft Defender for Endpoint
      • Introduction & Licenses
  • Email and Office 365
    • Troubleshooting
      • Run a message trace in the Exchange admin center
      • Not receiving email
      • Office 365 Apps Activation Error
    • Mail Clients
      • Outlook
        • Maximum number of Exchange accounts in an Outlook profile
        • Enable automatic forwarding in new Outlook
        • Add Email Signature
        • Create Email Singature
        • Gmail Account Login in Outlook
      • Apple Mail
        • Add email accounts in Mail on Mac
        • Add Mail Signatures
    • Office 365
      • Intro & Subscriptions
      • How to Create a Trial Account
      • How to Access the Office 365 Admin Center
      • Creating a Tenant
      • Create Users
      • Creating & Managing Roles
      • Add a Domain
      • Manage MFA
      • Assign Global Admin Roles
      • Create APP Password
      • Change a user name and email address
      • Reset MFA for Microsoft 365 User
      • Configure email forwarding
      • Add email aliases to a user
      • Change Username or Email Address
    • Google Workspace
      • Intro & Plans
      • Create your Google Workspace trial account
      • Review your DNS records
      • Adding Users
      • Create organizational units
      • Restrict access to a Google Workspace service
      • Edit user attributes
      • Manage user accounts
      • Suspend a User
      • Generate a Transfer Token
      • Reduce Licenses in Google Workspace
    • MailEnable
    • SmarterMail
      • SmarterMail Installation
      • SmarterMail Server Setup
      • Installation and Configuration (Practical)
      • Enable / Disable Domain in SmarterMail
    • Microsoft Teams
      • Guest Access vs. External Access
      • Adding Guests To Microsoft Teams Team
      • Teams Chat DIfferent Domain: Enable External Access
      • Setup Teams Time Zone and Work Hours
    • Microsoft Defender for Office 365
  • DevOps
  • Firewalls
  • Networking
    • Cisco Router Config
    • Cisco Switch Config
      • Basic Data and Voice VLAN Setup Homelab
  • Migration
    • Drive Migration
      • Google Drive to One Drive
    • Mail Migration
      • Google Workspace to Office 365
      • IMAP to Office 365
      • Migration Using PST File Method
    • VM Migration
    • Website Migration
    • Database Migration
  • Monitoring
    • Prometheus
      • Monitoring Windows Servers Using Prometheus
    • Grafana
      • Visualize Data in Grafana
    • Loki
  • Data Center
  • Other Technologies
    • Some R&Ds
Powered by GitBook
On this page

Was this helpful?

  1. Backup and Security
  2. SSL Certificates

IIS: Export Pfx using MMC

PreviousIIS 10: How to Install and Configure Your SSL Certificate on Windows ServerNextIIS: Import Pfx using MMC

Last updated 1 month ago

Was this helpful?

How to Export/Back Up Your SSL Certificate w/Private Key

  1. On the Windows server 2016 where the SSL certificate is installed, open the Console.

    In the Windows start menu, type mmc and open it.

  2. In the Console window, in the top menu, click File > Add/Remove Snap-in.

  3. In the Add or Remove Snap-ins window, in the Available snap-ins pane (left side), select Certificates and then click Add >.

  4. In the Certificate snap-in window, select Computer account and then click Next.

  5. In the Select Computer window, select Local computer: (the computer this console is running on), and then click Finish.

  6. In the Add or Remove Snap-ins window, click OK.

  7. In the Console window, in the Console Root pane (left side), expand Certificates (Local Computer), expand the folder that contains the certificate that you want to export/back up, and then, click the associated Certificates folder.

    Note: Your certificate should be in either the Personal or the Web Hosting folder.

  8. In the center pane, right-click on the certificate that you want to export/back up and then click All Tasks > Export.

  9. In the Certificate Export Wizard, on the Welcome to the Certificate Export Wizard page, click Next.

  10. On the Export Private Key page, select Yes, export the private key, and then, click Next.

  11. On the Export File Format page, select Personal Information Exchange – PKCS #12 (.PFX) and then check Include all certificates in the certification path if possible.

    Warning: Do not select Delete the private key if the export is successful.

  12. On the Security page, do following one of the following options:

    Password:
    i. Check this box.

    Confirm password:

    ii. Then, create and confirm the password.

    Password Note:

    This password will be required when you import the certificate w/private key to your (different) Windows server 2016.

    Group or user name

    i. Check this box

    (recommended)

    ii. In the field below, select the Active Directory user or group account to which you want to assign

    access to the certificate w/private key.

    iii. Then, click Add.

    Export/Import Note:

    The server from which you export the certificate w/private key must be part of an AD domain.

    The server to which you import the certificate w/private key must be tied to an AD domain with a domain controller (DC).

  13. On the File to Export page, click Browse. In the Save As window, locate and select the certificate file that you want to export and then click Save. Finally, on the File to Export page, click Next.

    Make sure to note the filename and the location where you saved your file. If you only enter the filename without selecting a location, your file is saved to the following location: C:\Windows\System32.

  14. On the Completing the Certificate Export Wizard page, verify that the settings are correct and then, click Finish.

  15. You should receive "The export was successful" message.

    The SSL certificate w/private key .pfx file is now saved to the location that you selected.