How to decrypt a private key and prepare SSL certificate for IIS installation

Once you have got necessary files.

Encrypted private key and certification file you need to do the following

Decrypt the private key

openssl rsa -in example.encrypted.key -out example.key

Enter passphrase for example.encrypted.key:

Add encrypted key to certificate and create a new certificate with a key already in it to install in IIS

openssl pkcs12 -inkey example.key -in example.crt -export -out example.pfx

You need to provide a password to it.

Once done on Windows Server use run command ->  mmc ->Snap in ->Certificate and Import the certificate or just double click on the certification and add to personal folder under Local Machine.

Many Thanks



How to add unknown mime types to IIS

Sometimes you may need an extention without knowing the correct mime-type or just may not exist yet or may not be defined.

You can use the following

.yourExtension application/octet-stream

This basically tells to download the file without try to opening by any software.

Some people saying that this comply with RFC and some not.

The recommended action for an implementation that receives an
“application/octet-stream” entity is to simply offer to put the data
in a file, with any Content-Transfer-Encoding undone, or perhaps to
use it as input to a user-specified process.

It is expected that many other subtypes of “application” will be
defined in the future. MIME implementations must at a minimum treat
any unrecognized subtypes as being equivalent to “application/octet-

You decide.

I have also see people adding application/unknown for mime type but I would still recommend putting octet-stream as at least it is defined in the RFC otherwise you can also put applicatoion/I_dont_know and it would be the same as ‘unknown’ in my opinion.

Other resources:

MIME Types in IIS –

Many Thanks