Export SSL certificate from Access Gateway 5

We recently set up a Citrix Access Gateway 5 VPX appliance for a client and created the CSR from the Access Gateway. We then needed to add the certificate to the internal Web Interface sites which use the same external DNS name. Here is the process to export the certificate from Access Gateway and import into IIS.

    1. From the web admin console of the Access Gateway export the required certificate into a .cer file. This will contain the private key and public certificate. You will be prompted to enter a password.
    2. Download OpenSSL and install on a Windows computer.
    3. Download and install Notepad++
    4. Open the .cer file using Notepad++, select the Private Key and copy it into a new Notepad++ document. Save this as Cert_Private.txt
    1. Select the certificate(s) and copy to t new Notepad++ document. Save this as Cert_Public.txt. Ensure all certificates are selected and copied.
    1. You now need to convert these PEM format files into a PFX which can be imported in IIS. OpenSSL is used to do this:
openssl.exe pkcs12 -export -out Cert.pfx -inkey Cert_Private.txt -in Cert_Public.txt
  1. You can now take the generated Cert.pfx and import into IIS

1 Comment

  1. James Lee says:

    For sure we will do this,, by the way good article.. thanks for sharing

Leave a Reply

Contact Deptive

Deptive - Commercial Bay
11-19 Customs Street West St
Commercial Bay Tower, Level 17, Room 1715
Auckland 1010
We also have a virtual office in Wellington.

Contact Details

0800 000 141

Postal Address
PO Box 34797,
Birkenhead, Auckland 0746