To Convert an existing IIS Certificate for use with BackupMyOrg / CleanMyOrg
To convert an IIS certificate to a .KEY and .PEM format for use in BackupMyOrg or CleanMyOrg, you can follow these steps:
Export the certificate from IIS:
a. Open the IIS Manager
b. Click on the server name in the left-hand pane
c. In the middle pane, double-click on "Server Certificates"
d. Select the certificate you want to export
e. Click "Export" in the right-hand pane
f. Follow the wizard to export the certificate as a .pfx file (remember the password you specified to protect the cert)
(Note: if you don’t have an export option you may need to re-import the certificate to IIS with the allow export option)
Convert the .pfx file to a .pem file using OpenSSL:
a. Install OpenSSL on your computer if it is not already installed (Windows version can be found at: https://slproweb.com/products/Win32OpenSSL.html
b. Copy the .pfx file to the OpenSSL /bin folder
c. Open a command prompt or terminal window
d. Navigate to the openSSL bin directory
e. Run the following command (changing exported cert name as necessary):openssl pkcs12 -in exportedCert.pfx -out yourcert.pem -nodes
This command will prompt you for the password you used to protect the .pfx file. Enter the password and press Enter. The command will create a .pem file in the same directory as the .pfx file.
Extract the private key from the .pem file using OpenSSL:
a. Run the following command in the same directory where the .pem file is saved:openssl rsa -in yourcert.pem -out yourkey.key
This command will extract the private key from the .pem file and save it as a separate .key file in the same directory.
Copy the .pem and .key to the application directory and configure config/nodeconfig.json
a. Copy the new .pem and .key file to your application root directory
b. Open <application directory>\config\nodeconfig.json
c. Modify the settings as follows (changing names as necessary):"useHTTPS": true,
"certs": {
"certificate": "yourcert.pem",
"key": "yourcert.key"
},Restart the BackupMyOrg server and open the browser using https location.