OpenSSL Convert PEM to PFX using RSA PRIVATE Key

I was also stuck on same. And as @thxmike said. My case was also similar.

OpenSSL command did not worked as expected for this.
openssl pkcs12 -export -in c.cer -inkey c.key -out d.pfx

So I ended up using Certutil on Windows. As we wanted to add it to Azure.

Note:-
1. Make sure to change .crt to .cer.
2. Make sure to put the .cer and .key files into the same folder and with same name - (c.cer and c.key)

Then run:
certutil -MergePFX c.cer c.pfx

You should get your combined pfx file.
Cheers!


After some throughout digging, I found that it was the Powershell scripts that generates the key and cert files.

Using Notepad++ on Windows and Tex-Edit Plus on OSX to identify hidden characters, I found that the files had extra [cr] at the end.

Using the command

openssl rsa -in <private key file> -noout -text
openssl x509 -in <cert file> -noout -text

Are good checks for the validity of the files

Since my source was base64 encoded strings, I ended up using the certutil command on Windows(i.e.)

certutil -f -decode cert.enc cert.pem
certutil -f -decode key.enc cert.key

on windows to generate the files. Once the files were correct, the OpenSSL command above worked as expected.

Tags:

Openssl

Rsa

Ppk