How to Create PFX File?

How to Create PFX File?

How to Create PFX File?

We have already seen a few articles about SSL certificate related CSR requests, Complete Certificate, export PFX certificate files from Windows Server, and extracting Private Key from PFX files. If you are familiar with Windows Server IIS Manager, you can follow my previous article to generate the PFX file. Would you want to know how to create PFX file? In this article, I will share the simple way to create a PFX file using the OpenSSL command.

Using Open SSL commands is very simple, I have already shared the article that helps to know how to run Open SSL commands in windows machines. You can check this article and follow Step 2 to Step 5 to install OpenSSL in your machine. However, I’m repeating these steps here,

How to Install OpenSLL?

Step 1: Download the OpenSSL source file from this link. This is the older version but works perfectly fine.

Step 2: Once the file is downloaded to your windows machine, unzip the file. Then go to the bin folder, refer to the screenshot below,

OpenSSL Bin Location
OpenSSL Bin Location

Then double click on the “openssl” application file inside the bin folder.

Step 3: This will open the OpenSSL command window. Here you need to execute the required command.

OpenSSL Command Window
OpenSSL Command Window

How to create PFX file using OpenSSL command?

Once you configured the OpenSSL source in your machine, you are ready to run any OpenSSL commands using this. Let see the OpenSSL command that use to create a PFX file.


pkcs12 -export -in {certificate-file} -inkey {private-key-file} -out {certificate-pfx-file} -certfile {intermediate-certificate}


pkcs12 -export -in certificate-file.cer -inkey private-key.pem -out certificate-pfx-file.pfx -certfile intermediate-certificate.cer
pkcs12OpenSSL command
-exportTo export the output file
-in certificate-file.cerInput property.
Here we can give the certificate file in the .cer extension as input.
-inkey private-key.pemInput property.
Here we can give the private key file in the .pem extension as input.
-out certificate-pfx-file.pfxOutput property.
Here we can give a file name to save a PFX certificate file.
-certfile intermediate-certificate.cerInput property.
Here we can give the intermediate certificate key (CA) file in the .cer extension as input. This is necessary to avoid no chain or certificate incomplete issue.
PFX file creation OpenSSL command

Step 1: Place the required following input files inside the OpenSSL source bin folder, Refer to the image for the right location,

  1. Certificate File in .CER
  2. Private Key File in .KEY
  3. Intermediate Certificate (CA) file in .CER
OpenSSL Bin Location
OpenSSL Bin Location

Step 2: Execute the command mentioned above to create the PFX file.

pkcs12 -export -in {certificate-file} -inkey {private-key-file} -out {certificate-pfx-file} -certfile {intermediate-certificate}

Step 3: You will be asked to set the password to export the PFX file. You should note down the password and keep it secure because this will require while using the PFX certificate file each time.

That’s it. The New PFX certificate file will be saved in the bin folder. You can use it for the SSL certificate configuration of your Website/Web API.

He is a product manager at a reputed software company and a freelance blog writer. He is experienced in different technologies, web securities, and web applications. He keeps learning and make himself up to date on the latest technologies, news, health, and fitness. This encouraged him to share his experiences by writing articles.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back To Top
%d bloggers like this: