create a pfx file from a .cer and a .pem file

openssl ssl-certificate pfx
user217648 picture user217648 · Oct 5, 2013 · Viewed 50k times · Source

I have used openssl to create a .key and .cer file in pem format (you can read them). Now I want to create .pfx file from them. I have read openssl doumentation it says something like following command I can use

openssl pkcs12 -export -in certificate.cer -inkey privateKey.key -out certificate.pfx -certfile CACert.cer

but I don't know which one is my .cer file (certificate.cer or CACert.cer) what is differences between these two files?

Answer

zaerymoghaddam picture zaerymoghaddam · Oct 5, 2013

The certificate.cer is your public key and the CACert.cer file (as it names suggest) is the public key of a CA (maybe the one who has signed your certificate).

The -in switch specifies input certificate to embed in output file

The -inkey switch specifies the key file you've generated using OpenSSL

The -out switch tells the openssl your desired name for output file

The -certfile is used to specify additional certificates to add to the output pfx file (it could be ignored)

Related questions

How to use *.pfx certificate for Amazon ELB SSL

I have cert.pfx file, I need to install to be used in Amazon Elastic Load Balancer. How can I do it?

Read More
How to create a self-signed certificate with OpenSSL

I'm adding HTTPS support to an embedded Linux device. I have tried to generate a self-signed certificate with these steps: openssl req -new > cert.csr openssl rsa -in privkey.pem -out key.pem openssl x509 -in cert.csr -out …

Read More
Using openssl to get the certificate from a server

I am trying to get the certificate of a remote server, which I can then use to add to my keystore and use within my java application. A senior dev (who is on holidays :( ) informed me I can run this: …

Read More