Installing an existing wildcard SSL certificate (.PFX/PKCS#12)

If you have an existing UCC/SAN or wildcard certificate, this can be imported into Foldr.

In the case of a SAN certificate you will need to add the Foldr common name (appliance URL) to the list of Subject Alternative Names.  Wildcard certificates are usually available / exported from other existing servers in PFX format which is commonly used in Microsoft Windows Server environments.

PFX Certificate Installation

A certificate in PFX format contains both the signed certificate and private key, as such you must extract each as individual files so they are available to install into the Foldr appliance.

If using a Windows workstation install OpenSSL complete package from (Mac OS X has OpenSSL built in):

(The ‘light’ versions for x64 and x86 are fine for this purpose)

Open an elevated command prompt and change directory to:

C:\OpenSSL-Win64\bin (copy your PFX here also) and issue the following commands – Note, if using x86 the installation directory will differ:

1.  Extract the private key from the PFX file (assuming your PFX is called publicAndprivate.pfx) and write it to a PEM file called (privateKey.pem)
openssl.exe pkcs12 -in publicAndprivate.pfx -nocerts -out privateKey.pem

  1. Extract the certificatefrom the PFX file (called publicCert.pem):

openssl.exe pkcs12 -in publicAndprivate.pfx -clcerts -nokeys -out publicCert.pem

  1. Remove the password from the private key file (writes a new file called private.pem):

openssl.exe rsa -in privateKey.pem -out private.pem

Both files that you create at steps 1 & 2 will be written to the bin directory.  Please note, it is vital that you remove the password from the private key otherwise the certificate installation will fail.

Browse to https://IP_of_Foldr:30537/settings and log in as fadmin.  Browse to the Certificates page and open your certificate, decrypted (password removed) private key, root and intermediate certificates for your CA in a text editor and paste into the relevant boxes.  Click Save and your certificate will be installed after several seconds.

Need more help?

Get in touch and we'll be happy to assist you, [email protected]

© Minnow IT. Registered in England and Wales with company number 07970411.

Made with in Bristol, UK