When UnForm is configured to serve web pages and accept print connections using SSL, it requires a certificate format compatible with the Apache web server. This format is usually available when purchasing a certificate, but if the certificate files is created in IIS format, it must be converted. Common names for these two formats are pfx (IIS format) and pem (Apache or Nginx format).
To convert a .pfx file to .pem format, use the openssl command line tool. This tool can be installed as part of the openssl package on Linux. It is also included with the Apache web server bundled with UnForm on Windows. You can find that tool in the httpd\bin folder on Windows UnForm installs. Perform these commands in a terminal window or Windows command prompt.
Change to the path where the .pfx file is located. On Windows you need to use a full path to openssl.exe; the default path for the bundled openssl.exe file is c:\sdsi\uf101\server\httpd\bin\openssl.exe, so adjust these commands accordingly. The file names in the below commands are generic names for clarity.
1) Extract a .pem format certificate (.pfx password will be prompted):
openssl pkcs12 -in file.pfx -out certonly.pem -nokeys2) Extract a .pem format key file (.pfx password and your made-up .pem password will be prompted):openssl pkcs12 -in file.pfx -out keyfile.enc.pem3) Convert the key file to one without a password (use the .pem password you provided in step 2):openssl rsa -in keyfile.enc.pem -out keyfile.pem4) Combine the certificate into one file, and use that file as the certificate file in UnForm's configuration:type certonly.pem keyfile.pem > certfile.pem
On Linux, use "cat" instead of "type".
The file should be stored in a standalone path, and ideally protected through operating system security to be only visible to the UnForm service user and admin users.
Note you can also skip step 4 and specify the individual certonly and keyfile pem files in the UnForm configuration.