You would need access to a machine with OpenSSL on it
- Use IIS on your Windows machine to generate your IIS SSL certificate request file, which should be named certreq.txt by default.
- Transfer this file to your Linux machine using whatever method you like.
- First, we need to generate a private key to sign the certificate with. Lets generate one that's 2048 bits. You'll need to enter a pass phrase too:
# openssl genrsa -des3 -out ca.key 2048 - Next, we'll need to create the CA certificate to sign with:
# openssl req -new -key ca.key -x509 -days 9999 -out ca.cer - Finally, we'll need to sign the IIS certificate with our new CA:
# openssl x509 -req -days 9999 -in certreq.txt -CA ca.cer -CAkey ca.key -CAcreateserial -out iis.cer - Your new, signed certificate is the file iis.cer. Transfer this file back to the windows machine, and load it up into IIS. It's good for 9999 days!