Convert SSL Certificate to .pfx format (Microsoft IIS)

Obtain a SSL Certficate from a trusted CA (Certificate Authority)

Usually you receive three certificates from the CA, SSL Certificate, CA Bundle and a Private key

In this tutorial we will be using the SSL Certificate and Private key.

 

Create a new text document on your local machine called private_key.key paste the contents of the private key from the CA into the file.

Save the file. (Make sure it is saved as .key)

 

Repeat the same process for the SSL Certificate

Copy the contents of the SSL Certificate key field

Create a new text document on your local machine called public_ssl_key.cer paste the contents of the SSL Certificate into the file.

Save the file. (Make sure it is saved as .cer)

 

You will end up with the following 2 files

 

To bind the public/private key pair and a set password for .PFX File you will need to download OpenSSL

Download OpenSSL: https://sourceforge.net/projects/openssl/files/latest/download?source=files

Once downloaded extract the contents of the OpenSSL folder and browse to the bin folder.

Open Powershell as Administrator and change to the directory of the bin folder.

Example: cd C:\openssl-1.0.2j-fips-x86_64\OpenSSL\bin

Copy the previously created SSL files containing the Public and Private key into this directory.

 

Execute the following command to generate a .PFX file with a password

.\openssl.exe pkcs12 -export -inkey private_key.key -in public_ssl_key.cer -out ssl_cert.pfx

(This will create a .pfx called ssl_cert.pfx and will be saved in same directory as the bin directory.)

 

You will then be prompted to enter a password for the .PFX file.

 

The .PFX file will then be generated with a password attached to it.

 

You can now use this certificate to Import into IIS on Windows Server or via Windows MMC Console.

 

 

 

 

 

 

 

 

 

 

Open chat
IT Security Solutions
Hello 👋
Can we help you?