Using SSL - Client has provided a PFX file

N00b question here…

I need to enable SSL on a customer’s gateway. They’ve pointed me to a personal certificate in the Windows Certificate Manager and I can export a PFX file that contains the private key. I can export any of these (including the greyed out option):
Cert Manager:

Export options:

But from these options, I don’t get what the first part of the certificate wizard in Ignition is asking for:

I’ve found that I might be able to extract this using OpenSSL (/source/index.html), however the site only provides the unbuilt application :frowning: Should I even trust this?

Any ideas? Do I need to build the OpenSSL app, or is there a built version somewhere, or am I on the wrong path?

I managed to figure it out… If anyone has any comments on the below, please feel free to let me know!

  1. Export a “pfx” file from the Windows Computer Certificates manager that includes the private key. Uncheck all options e.g. uncheck include all certs in cert path, don’t delete private key, etc.
    Set a password but don’t enable group or usernames.
    If you don’t have the option to export a private key, then you need to get a certificate from your customer that does.

  2. Using the PFX, created a PEM file using OpenSSL
    3/4 way down under “OpenSSL Utility” steps 1-5 which should produce the PEM file.
    I used the openssl.exe included as part of installed git.

  3. Export a “cer” file from the WCCM that doesn’t include the private key.

  4. Obtain the certificate chain PEM file from the customer. Open it in notepad and copy the very last certificate in the file for reference later.

Then using the files from steps 1-3, drag the files produced from these steps into the corresponding steps in the Ignition gateway web server Certificate Wizard. For step 3, paste the certificate using the Manual button within the step.