Skip to content

Instantly share code, notes, and snippets.

@mauvehed

mauvehed/create_pfx_from_crt_and_key.md

Last active October 21, 2023 14:06
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save mauvehed/341387a14645c23059a6064fbd06ec32 to your computer and use it in GitHub Desktop.
Save mauvehed/341387a14645c23059a6064fbd06ec32 to your computer and use it in GitHub Desktop.
Download ZIP
Create PFX file from a CRT and KEY file
Raw
create_pfx_from_crt_and_key.md

Create PFX file from a CRT and KEY file

Some services require a combined pfx file to provide TLS to a client

Generating the pfx file

The easiest way is to utilize openssl on the command line. Assuming you already have the .crt and .key files, run the following command.

openssl pkcs12 -export -out domain.name.pfx -inkey domain.name.key -in domain.name.crt

Generating the pfx file with root CA and intermediate certs

If you have a root CA and intermediate certs, then include them as well using multiple -in params

openssl pkcs12 -export -out domain.name.pfx -inkey domain.name.key -in domain.name.crt -in intermediate.crt -in rootca.crt

Generating the pfx file with a bundled crt file

If you have a bundled crt file that you use, for example, with nginx, you can pass that in along with the cert all in one:

cat domain.name.crt | tee -a domain.name.bundled.crt

cat intermediate.crt | tee -a domain.name.bundled.crt

cat rootca.crt | tee -a domain.name.bundled.crt

openssl pkcs12 -export -out domain.name.pfx -inkey domain.name.key -in domain.name.bundled.crt

Credit: https://stackoverflow.com/questions/6307886/how-to-create-pfx-file-from-certificate-and-private-key#17284371

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment