Generate pfx file for Windows box

Personal Information Exchange (.pfx) file is a certificate format that contains both public cert and private cert, it is normally used in Windows platform. For example, IIS only supports to import certificate in pfx format.

If you have you private key in PEM format, and public certificate in cert format (DER encoded). Then you use the following command to generate the pfx file. In the example is the hostname, to keep it simple I also use it to name the key and certificates.

# Convert DER cert to BASE64 encoded cert
openssl x509 -inform DER -in iis.jackiechen.org_DER.cer -out

# Generate pfx file, append '-certfile CAcert.crt' to the end if you need to add the CA certificate.
openssl pkcs12 -export -out -inkey -in


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s