Convert pem-based SSL cert from Apache server to PKCS12 (.pfx file) for Microsoft IIS with OpenSSL

Moving a website from unix to Windows?  Well I guess apache runs on Windows too but whatever.  Here’s the command you’ll need to build a PKCS12 format SSL certificate file that you can import into Microsoft IIS using OpenSSL from the command line:

openssl pkcs12 -export -out exported.pfx -inkey import.key -in import.crt -certfile import.CA

The four variables are of course:

  • exported.pfx – the name of the resulting PKCS12 export file for import into IIS
  • import.key – the current private key file from the apache server
  • import.crt – the current public certificate file from the apache server
  • import.CA – the current intermediate certificate file from the relevant certificate authority

Leave a Reply

Your email address will not be published. Required fields are marked *