How to make an SSL private key
Export a private key from Certificate fold on your IIS server:
1) Click Start, and then search for Run.
2) Type in
3) From the File menu, choose Add/Remove Snap-in.
4) Select Certificates and then Add.
5) Choose the Computer account option and click Next.
6) Select Local Computer and then click Finish.
7) Click Close, and then click OK. The snap-in for Certificates (Local Computer) appears in the console.
From the MMC console opened in the above steps:
1) Expand the Certificates (Local Computer) tree in the left preview panel.
2) Right-click Personal and select All Tasks > Import.
3) The Certificate Import Wizard appears. Click Next.
4) Browse to the location of your Server Certificate file and click Next.
5) Select Place all certificates in the following store and click Next.
6) Click Finish to complete the Certificate Import Wizard.
7) A dialog box appears indicating the import was successful. Click OK.
Next, convert .pfx format to .pem format using OpenSSL command in the terminal:
“openssl pkcs12 -in support.mydomain.com.pfx -out support.mydomain.com.pem -nodes”