vernon.wenberg.net

Create a .pfx/.p12 Certificate File Using OpenSSL

Source: https://www.ssl.com/how-to/create-a-pfx-p12-certificate-file-using-openssl/

The PKCS#12 or PFX format is a binary format for storing the server certificate, any intermediate certificates, and the private key into a single encryptable file. PFX files are usually found with the extensions .pfx and .p12. PFX files are typically used on Windows and macOS machines to import and export certificates and private keys.

Requirements

  • The original private key used for the certificate
  • A PEM (.pem, .crt, .cer) or PKCS#7/P7B (.p7b, .p7c) File
  • OpenSSL (included with Linux/Unix and macOS, and easily installed on Windows with Cygwin or Windows Subsystem for Linux)

The commands below demonstrate examples of how to create a .pfx/.p12 file in the command line using OpenSSL:

openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile more.crt

Breaking down the command:

  • openssl – the command for executing OpenSSL
  • pkcs12 – the file utility for PKCS#12 files in OpenSSL
  • -export -out certificate.pfx – export and save the PFX file as certificate.pfx
  • -inkey privateKey.key – use the private key file privateKey.key as the private key to combine with the certificate.
  • -in certificate.crt – use certificate.crt as the certificate the private key will be combined with.
  • -certfile more.crt – This is optional, this is if you have any additional certificates you would like to include in the PFX file.

Note: After entering the command, you will be prompted to enter and verify an export password to protect the PFX file. Remember this password! You will need it when you wish to export the certificates and key.

QR Code: URL of current page
QR Code: URL of current page Create a .pfx/.p12 Certificate File Using OpenSSL (generated for current page)
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International