Reset Search



5300 - Move SSL decryption from the Virtual Traffic Manager to the backend node.

« Go Back


Last Modified Date3/5/2018 11:55 AM

If the Virtual Traffic Manager is no longer to perform SSL decryption, the private and public SSL keys need to be exported out and may need to be converted from PEM format to either PFX or PKCS #12 if importing into Microsoft server.

Virtual Traffic Manager - All versions

Problem or Goal

Retrieve the private and public SSL keys from Traffic manager from following directory:


The following information will help to convert SSL keys from PEM format to PFX that can be imported into Microsoft IIS server:

This can be achieved using OpenSSL. You may have the following files (Filenames are just for reference)

The generated CSR (cert.csr)
The Private Key File (key.pem)
The SSL certificate provided by the CA (cert.cer)
The Intermediate Certificate provided by the CA (CA.cer)

Using OpenSSL run the following command:

openssl pkcs12 -export -in cert.cer -inkey key.pem -out certificate.pfx -certfile CA.cer

This should output a certificate.pfx file.

Related Links
Attachment 1 
Created ByVenkataKondaReddy Palem



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255