How to fix it!
High Level Steps:
- Get all Certificates in a .PFX file format
- Convert .PFX file to a .PEM file format
- Move stuff around until it looks right
- Convert new .PEM file back to .PFX format
- Install .PFX file on NLB device
Get all Certificates in a .PFX format
- Log onto the server that has the certificates installed.
- Click Start à Run and type in MMC.
- In the blank MMC, click File à Add/Remove Snap-ins..
- Select Certificates à Add >
- I’M PUTTING THIS IN CAPS BECAUSE IT’S IMPORTANT!! Make sure you select Computer Account. Click Next, select Local, then click Finish, then OK. This loads the Certificate Snap-in for the local computer.
- Under Certificates, expand Personal and click Certificates. In the detail pain, you should see your certificate and it should have a little key icon on it. If it doesn’t, your certificate is not installed correctly and you should contact your public certificate provider to get it installed correctly. Right click it, and select All Tasks à Export…
- For the Export Wizard
- Select Yes, export the private key.
- If you don’t have this option, then whoever you purchased the key from does not allow you to install the certificate on multiple servers, or you didn’t allow the key to be exportable when you installed the certificate
- In the Export File Format, select Include all certificates in the certificate path if possible and Export all extended properties.
- Secure the .PFX file with a password. Don’t skimp on this. Use something difficult that you’ll remember. If someone gets this file and guesses your password, your certificate security is toast because they’ll have access to your private key and can impersonate you.
- Enter a file name. For this example we are going to save the cert in C:\Cert\temp.pfx