1. DO NOT USE Google Chrome to download the certificate. Use Internet Explorer if possible. You may encounter challenges with using Chrome to download the cert when it comes to installation.

2. The email address associated with the application in the SEI Developer Portal will receive an email similar to the below, which provides a link to download the certificate. NOTE: The link expires after the first download attempt.

Install OpenSSL (If already on your computer, skip this step) 
1. You will need open ssl installed on the machine you will use to extract the .pfx, .crt, or .key files
2. Go to: https://sourceforge.net/projects/openssl/
3. Complete OpenSSL instructions.
Certificate Extraction Instructions – Windows
4. Once the client receives the email from Trustwave, download the client certificate from the Trustwave Portal. 
5. Create an MMC Snap-in for Managing Certificates on the first Windows system where the SSL certificate is installed.
  • Start > run > MMC
  • Go into the Console Tab on the server, then navigate to File > Add/Remove Snap-in


  • Click on Add > Click on Certificates and click on Add


  • Choose Computer Account > Next


  • Choose Local Computer > Finish

  • Close the Add Standalone Snap-in window.
  • Click on OK at the Add/Remove Snap-in window.

6. Export/Backup Certificates to .pfx file

  • In MMC Double click on Certificates (Local Computer) in the center window.
  • Double click on the Personal folder, and then on Certificates.
  • Right click on the Certificate you would like to backup and choose > ALL TASKS > Export
  • Follow the Certificate Export Wizard to back up your certificate to a .pfx file.

  • You will receive a message > “The export was successful.” > Click OK
Certificate Extraction Instructions – Mac
  • Download .p7s file from TrustWave.
  • Open Applications>Utilities>Keychain access

  • Click the “+” sign on the top left corner and import the .p7s file
  • You should now see two line items, one contains a certificate and key pair, and the other contains the intermediate certificate
  • Right click on the certificate and click “Export” (You have the option of providing a password or not, completely at your discretion)
  • Repeat the same export for the key
  • You should now have two .p12 files (one certificate & one key)
  • Run the following commands to convert those .p12 file to the appropriate file:

openssl pkcs12 -in certificate.p12 -clcerts -nokeys -out certificate.crt

openssl pkcs12 -in privatekey.p12 -nodes -out privatekey.key –nocerts

  • Use those files to initiate an SSL connection.

After completing these steps the .pfx file backup is now saved in the location you selected during the aforementioned process and is ready to be moved or stored for your safe keeping.

You can import the PFX file into your application environment based on the OS used. Please see below import methods

  1. Windows/IIS – Import PFX file using Certificate wizard (MMC)
  2. Linux/Java – openssl commands or Keytool to import