A customer of mine had an existing wild card SSL certificate running on IIS. They wanted to use this wild card SSL certificate for their IBM Domino server.

I had all the SSL certificate files available (the trusted root CA, the certificate and the private key). So I quickly found the guide from Gab Davis and did something similar: I created a key ring using the Server Certificate application on the Domino server and installed the trusted root certificate into the key ring. I then opened the key ring file in the gsk5 version of iKeyman (on Windows XP in order for it to run) but ran into the issue that I was unable to import the private key (.pfx).

The solution was to import the private key file in the Certificates program (certmgr.msc) by opening the private key file (and providing the password for the file and selecting the option to mark the key as exportable). Once imported I then exported the same private key as PKCS#12 (.pfx) and I was now able to import the private key as a personal certificate in the gsk5 version of iKeyman.

I saved the updated key file, added it to the IBM Domino server, and HTTPS was then working as expected.