0 votes
by (140 points)

I can not figure out were to start on setting up a cert for HTTPS. I paid for a cert buy can not get it to work.

They sent me three files a

Security Certificate a .CRT file
PKCS # 7 Certificate a .p7b file
CA-Bundle file a .ca-bundle file

Tiny Web server has two files a .cer and .pfx

The only section is the config file lets you specify the "serverCertificateFile". I tried point to those files. It did not work. I also cut and past the certificate info and that did not work. What do I need to do?

1 Answer

0 votes
by (72.7k points)

The Rebex Tiny Web Server can accept only .pfx, which contains (public) certificate and associated (private) key.

It seems you need to combine all the files into a .pfx file.

I suppose that the .crt file contains the required private key in PEM format. View the file, it should start with -----BEGIN PRIVATE KEY----- or -----BEGIN ENCRYPTED PRIVATE KEY-----.

The .p7b file should start with -----BEGIN PKCS7-----.

You need to first convert .p7b into PEM as described here:

openssl pkcs7 -print_certs -in cert.p7b -out cert.pem

The .pem file should start with -----BEGIN CERTIFICATE-----.

Then you can create .pfx file as described here:

openssl pkcs12 -export -out cert.pfx -inkey cert.crt -in cert.pem

Or check, whether your certificate vendor can provide .pfx certificate directly.

by (140 points)
edited by
I have tried everything and can not get this to work.  I tried what you posted.   I exported the private key using the app 'certlm'. It exported a .pfx file. I tried that and it did not work.  I converted the .pfx file to a pem to get my private key and followed your openssl commands to create a .pfx file.  It did not work also.  Any advice?

Update:  I got it working

The default install files are

server.certificate.cer
server.certificate.pfx

When I remove them and start the app they get regenerated.  If I add my new .pfx file a .cer file is not created.  Should I  provide the .cer file from something?

Update:  I got it working.
by (72.7k points)
Great that you were able to make it working.
Can you please share how you solved it in case somebody else encounter the same issue?
by (140 points)
This is a crazy answer.  I used a on-line company that  provided the certificate to get things to work.  They sent it in .p7b format.  I had to convert it to a PEM, export a key in windows.  Then convert those files to a .pfx.  I did all that and it did not work.

This is the crazy part. I did not have port 443 forward to the PC running the web server.  Once I fixed that it came right up.
...