Once you have got necessary files.
Encrypted private key and certification file you need to do the following
Decrypt the private key
openssl rsa -in example.encrypted.key -out example.key
Enter passphrase for example.encrypted.key:
Add encrypted key to certificate and create a new certificate with a key already in it to install in IIS
openssl pkcs12 -inkey example.key -in example.crt -export -out example.pfx
You need to provide a password to it.
Once done on Windows Server use run command -> mmc ->Snap in ->Certificate and Import the certificate or just double click on the certification and add to personal folder under Local Machine.
Sometimes you may need an extention without knowing the correct mime-type or just may not exist yet or may not be defined.
You can use the following
This basically tells to download the file without try to opening by any software.
Some people saying that this comply with RFC and some not.
The recommended action for an implementation that receives an
“application/octet-stream” entity is to simply offer to put the data
in a file, with any Content-Transfer-Encoding undone, or perhaps to
use it as input to a user-specified process.
It is expected that many other subtypes of “application” will be
defined in the future. MIME implementations must at a minimum treat
any unrecognized subtypes as being equivalent to “application/octet-
I have also see people adding application/unknown for mime type but I would still recommend putting octet-stream as at least it is defined in the RFC otherwise you can also put applicatoion/I_dont_know and it would be the same as ‘unknown’ in my opinion.
MIME Types in IIS – https://msdn.microsoft.com/en-us/library/bb742440.aspx