Exporting Certificates using IIS 6.0

Before Java RMI can be used with SSL, the server-specific certificate (purchased from a Certificate Authority) must be exported and made available to Proficy Portal. The following procedure will guide you through this process using IIS 6.0. If you are using a different version of IIS, this procedure may vary.

1. Start Internet Information Services (IIS) from the Windows Control Panel.

2. Expand the Proficy Portal server node, right-click Default Web Site, and choose Properties. The Default Web Site Properties dialog box appears.

3. Click the Directory Security tab.

4. Click the View Certificate button. The Certificate dialog box appears.

5. Click the Details tab.

6. Click the Copy to File button. The Certificate Export Wizard appears.

7. Click Next. The Export Private Key dialog box appears.

8. The default is to not export the private key, however, without it,  the SSL sockets in Java RMI cannot encrypt/decrypt the messages. Select “Yes, export the private key”. This will require a password to be entered later in the procedure. Proficy Portal needs to know this password so it may access the keys.

For information on how to configure Proficy Portal to use the correct file and password, see Using the keyconfig.cmd Utility.

9. Click Next. The Export File Format dialog box appears.

10. On the Export File Format dialog box, ensure Personal Information Exchange - PKCS #12 is selected. Also select the Include all certificates in certification path if possible and the Enable strong protection check boxes.

11. Click Next. On the Password dialog box, enter a password and then enter it again to confirm it. Record the password for future use.

12. Click Next. On the File to Export dialog box, enter a file name and location on the server for the key material.

13. Click Next. The final window appears in the Certificate Export Wizard.

14. Click Finish.

---