exporting SSL keys to Windows servers

Unanswered Question
May 20th, 2008


We have a block of servers that all need verisign certificates and I'm wondering if I can make the following scenario (or something similar) work.

Two servers outside our network and two internal. I'd like to terminate SSL on the CSS + do backend encryption to our FTPS servers. Inhouse, I'd like to import the same SSL certs directly to the Windows FTPS servers (same name different IP).

I generated the RSA key pair on our external CSS, and with them generated a CSR that was uploaded to Verisgn. They sent back a certificate which was unreadable on the CSS and my PC. I saved the cert with extension .pfx and .cer (and a few others) but cannot view it, which makes me think I did something wrong with key or csr generation.

1. Can this setup be accomplished (generating and exporting the keys from CSS to other servers)?

2. Did I botch something somewhere? If so, what commands should I follow to do it right?



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
joe.arnstein Wed, 05/21/2008 - 08:06

Any thoughts on this one?

To generate the key pair I ran:

ssl genrsa keyname 1024 "password"

Then I did 'ssl associate' and used that name to generate the csr. Can I get away with using this key pair and Verisign cert on our windows servers?


This Discussion