We recently set up a Citrix Access Gateway 5 VPX appliance for a client and created the CSR from the Access Gateway. We then needed to add the certificate to the internal Web Interface sites which use the same external DNS name. Here is the process to export the certificate from Access Gateway and import into IIS.
- From the web admin console of the Access Gateway export the required certificate into a .cer file. This will contain the private key and public certificate. You will be prompted to enter a password.
- Download OpenSSL and install on a Windows computer.
- Download and install Notepad++
- Open the .cer file using Notepad++, select the Private Key and copy it into a new Notepad++ document. Save this as Cert_Private.txt
- Select the certificate(s) and copy to t new Notepad++ document. Save this as Cert_Public.txt. Ensure all certificates are selected and copied.
- You now need to convert these PEM format files into a PFX which can be imported in IIS. OpenSSL is used to do this:
openssl.exe pkcs12 -export -out Cert.pfx -inkey Cert_Private.txt -in Cert_Public.txt
- You can now take the generated Cert.pfx and import into IIS