Use OpenSSL to convert SSL certificates to PFX file (2021 Guide)

by Hadley Bradley

I recently had the need to install my wildcard SSL certificates onto a Windows server which required converting the files supplied by DigiCert into a pfx file using the pkcs12 format. PKCS#12 is a binary format for storing a certificate chain and private key in a single, encrypted file. PKCS#12 files are commonly used to import and export certificates and private keys on Windows.

To do this I used the OpenSSL command, and the command used is outlined below:

Installing OpenSSL on Ubuntu

If your Ubuntu Linux system doesn’t already have OpenSSL installed, then you can install it using the following commands:

sudo apt-get update -y
sudo apt-get install -y openssl

Converting the certificate to PFX format

The command below demonstrates converting and wrapping the certificate chain and private key into a single pfx file.

openssl pkcs12 -export 
    -out star.hadleybradley.com.pfx
    -in star.hadleybradley.com.crt
    -inkey star.hadleybradley.com.key
    -certfile digicert.ca.crt