How to extract a public certificate and private key from .pfx for use in GMS/Analytics

Learn how to extract a public certificate and private key from PFX for GMS Analytics. Follow this guide for proper certificate handling.

Note:

* password should be 15 charactor or less, no special charactors *

1. Download your certificate from CA provider (of your choice) in .pfx format (eg. certificate.pfx) and the password key for further 

2. Install OpenSSL on your system - for the installation file refer to the following url: https://www.openssl.org/source/

3. Take the .pfx file (e.g. certname.pfx) and copy it to a system where you have OpenSSL installed.

   Note: the *.pfx file is in PKCS#12 format and includes both the certificate and the private key.

4. Run the following command to export the certificate: openssl pkcs12 -in certname.pfx -nokeys -out cert.pem

output = cert.pem

5. Run the following command to export the private key: openssl pkcs12 -in certname.pfx -nocerts -out key.pem -nodes

output = key.pem

6. Run the following command if you wish to remove the passphrase from the private key: openssl rsa -in key.pem -out server.key

7. Login to the appliance (system) interface of the GMS/Analyzer and under System/Deployment/Settings/SSL Access configuration select Custom button.

8. Under Certificate file browse for the cert.pem file created in the step 4.

9. Under Certificate Key file browse for the key.pem file created in the step 5.

10. Provide the certificate password in the Certificate password field.

11. Click on update button. GMS will reboot and your new custom certificate will be installed.