We have a block of servers that all need verisign certificates and I'm wondering if I can make the following scenario (or something similar) work.
Two servers outside our network and two internal. I'd like to terminate SSL on the CSS + do backend encryption to our FTPS servers. Inhouse, I'd like to import the same SSL certs directly to the Windows FTPS servers (same name different IP).
I generated the RSA key pair on our external CSS, and with them generated a CSR that was uploaded to Verisgn. They sent back a certificate which was unreadable on the CSS and my PC. I saved the cert with extension .pfx and .cer (and a few others) but cannot view it, which makes me think I did something wrong with key or csr generation.
1. Can this setup be accomplished (generating and exporting the keys from CSS to other servers)?
2. Did I botch something somewhere? If so, what commands should I follow to do it right?