Generate pfx file for Windows box


Personal Information Exchange (.pfx) file is a certificate format that contains both public cert and private cert, it is normally used in Windows platform. For example, IIS only supports to import certificate in pfx format.

If you have you private key in PEM format, and public certificate in cert format (DER encoded). Then you use the following command to generate the pfx file. In the example iis.jackiechen.org is the hostname, to keep it simple I also use it to name the key and certificates.


# Convert DER cert to BASE64 encoded cert
openssl x509 -inform DER -in iis.jackiechen.org_DER.cer -out iis.jackiechen.org.crt


# Generate pfx file, append '-certfile CAcert.crt' to the end if you need to add the CA certificate.
openssl pkcs12 -export -out iis.jackiechen.org.pfx -inkey iis.jackiechen.org.key -in iis.jackiechen.org.crt

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s