Convert SSL PFX for NGINX Usage

NGINX doesn’t natively use a pfx key file (pfx is what Windows IIS needs). So, it must be converted to a private key, removing the public key from it.

Create the folder for storing SSL certificates:

cd /etc/nginx/
mkdir ssl
cd ssl
chmod 700 /etc/nginx/ssl

From the pfx file, recover the public certificate:

openssl pkcs12 -in cert.pfx -clcerts -nokeys -out public.crt

From the pfx file, recover the encrypted private key:

openssl pkcs12 -in cert.pfx -nocerts -nodes -out private.rsa

Now, decrypt the encrypted private key:

openssl rsa -in private.rsa -out private.key

Move the public certificate and private key to the ssl folder, created earlier.

Set permissions on the ssl folder and files, so only root can access the certs and keys:

chmod 600 -R /etc/nginx/ssl/*

Linux Network Monitoring

Validating AD Machine Account

SSH Key Naming Convention

How to Get Host SSH Key Fingerprints

Creating SSH Keys in Windows

Permission Denied while Copying SSH Key for New User

Convert SSL PFX for NGINX Usage

No Comments