Start the certificates mmc for the web server and select ‘All Tasks’, ‘Export’ against the site certificate. Do not choose to export the CA certificates. Specify a password. Specify a filename (e.g. mypkcs12.pfx). Copy the resulting .pfx file to your Apache web server.

Then import the private key and cert file into Apache using the following commands:

openssl pkcs12 -in mypkcs12.pfx -out pfxoutput.txt

You’ll need to enter the password at least once.

Load pfxoutput.txt into a text editor and save each certificate as a separate file.
Also save the private key as a separate file (e.g. myencrypted.key).

The private key will probably be encrypted at the moment. i.e. looking something like…..

——-BEGIN RSA PRIVATE KEY——-
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,………
………
——-END RSA PRIVATE KEY——-

If the version of Apache we’re using doesn’t allow encrypted private keys, to decrypt the private key run the following command:

openssl rsa -in myencrypted.key -out my.key