If you are running EZproxy on a Windows server, your server may already have an SSL key that you would like to use with EZproxy. EZproxy is unable to directly access the Windows certificate store. The following steps provide a way to export an SSL certificate from the Windows certificate store and import it into EZproxy. Although these steps work in many instances, there is no guarantee that all Windows certificates can be exported and transformed for use with EZproxy.
Throughout this document, references are made to the EZproxy ssl directory. This directory is located inside the directory where EZproxy is installed. If you performed a default installation of EZproxy, this is /usr/local/ezproxy/ssl for Linux and Solaris or C:\ezproxy\ssl for Windows.
This options warns EZproxy that the wildcard certificate is not in the form that it expects, which would be *.ezproxy.yourlib.org in this example.
and note the highest number in use on a file such as 00000006.csr. For the rest of these steps, use the next highest number, adding enough zeros on the left to make 8 digits. If there are no files in this directory, do not use 00000000, but rather start from 00000001. For the balance of this document, 00000007 is used for the examples.
Type the password you specified on the export. You will then be prompted for a password phrase. Type something here as well (could be the same thing).
openssl pkcs12 -in iis.pfx -out 00000007.crt
It will ask for the pass phrase, which should be the same one you provided in the previous step.
openssl rsa -in 00000007.crt -out 00000007.key
OCLC will end support for EZproxy on the Solaris 10 (x86) platform on December 31, 2018.