Just a quick one, I had to do this the other day with our certificate. I know that you can do this on the F5 through an SSH connection. But I decided to use the version I had installed on my Windows Desktop.
After a few moments of bashing my head against the proverbial brick wall I found that this was the way to do it.
For those interested I was doing this so that I could import our wild card certificate into my Citrix Gateway as the versions that I could download from verisign were not compatible and gave an error on import. In fact I will try to get a post up about that.
If you follow these steps you should end up with a cert that will have the Private key and will work if Citrix or VMware view for that matter.
- On the F5 export the Certificate file and key file. Copy them somewhere you can find them. I actually put mine in the OpenSSL folder. That way I didn’t have to worry about typing paths! Yes I am that lazy!!
- Open a command prompt and start OpenSSL
- Type the following pkcs12 -export -in .crt -inkey .key -out .p12
- You will see a message saying “loading ‘screen’ into random state – done
- It will then prompt for a password to allow the Private key to be exported. This is important for Applications like the Citrix Secure Gateway
- You will then see a message saying ” Verifying – Enter export password:” So go ahead and confirm your password
And that is it. Pretty straight forward when you know how, and you will have a nice new certificate with private key that can be exported.