-----BEGIN CERTIFICATE----- MA0GCSqGSIb3DQEBCwUAA4IBAQAIfmyTEMg4uJapkEv/oV9PBO9sPpyIBslQj6Zz 91cxG7685C/b+LrTW+C05+Z5Yg4MotdqY3MxtfWoSKQ7CC2iXZDXtHwlTxFWMMS2 RJ17LJ3lXubvDGGqv+QqG+6EnriDfcFDzkSnE3ANkR/0yBOtg2DZ2HKocyQetawi DsoXiWJYRBuriSUBAA/NxBti21G00w9RKpv0vHP8ds42pM3Z2Czqrpv1KrKQ0U11 GIo/ikGQI31bS/6kA1ibRrLDYGCD+H1QQc7CoZDDu+8CL9IVVO5EFdkKrqeKM+2x LXY2JtwE65/3YR8V3Idv7kaWKK2hJn0KCacuBKONvPi8BDDD -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- GGGEfTCCA2WgAwIBAgIDG+cVMA0GCSqGSIb3DQEBCwUAMGMxCzAJBgNVBAYTAlVT MSEwHwYDVQQKExhUaGUgR28gRGFkZHkgR3JvdXAsIEluYy4xMTAvBgNVBAsTKEdv IERhZGR5IENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMTAx MDcwMDAwWhcNMzEwNTMwMDcwMDAwWjCBgzELMAkGA1UEBhMCVVMxEDAOBgNVBAgT -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- AAAEfTCCA2WgAwIBAgIDG+cVMA0GCSqGSIb3DQEBCwUAMGMxCzAJBgNVBAYTAlVT MSEwHwYDVQQKExhUaGUgR28gRGFkZHkgR3JvdXAsIEluYy4xMTAvBgNVBAsTKEdv IERhZGR5IENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMTAx MDcwMDAwWhcNMzEwNTMwMDcwMDAwWjCBgzELMAkGA1UEBhMCVVMxEDAOBgNVBZZZ -----END CERTIFICATE-----
This is just an example, the certificate section for each certificate will be larger. Let's call such file bundle.crt<\i>. In order to sign it we need a key - key is just a file with a content similar to the *.crt file - some people call it pem files. Generally speaking *.crt, *.pem, *.cert are files that have this same content in this same format, the only difference is just a file extension. To create a pfx file we need an openssl application. You can get the windows binaries from here: ssl binaries. I used the openssl-1.0.2r-x64_86-win64.zip.
To generate pfx I run:
openssl pkcs12 -export -out Private.pfx -inkey C:\cert.key -in C:\bundle.crt
You will need to provide a password for this key and retype it.
If you want to see what is inside pfx you can run:
certutil -dump Private.pfx
certutil is a tool that is by default installed on Windows machine. If you have openssl installed you can run:
openssl pkcs12 -info -in Private.pfx
You need the password in order to run these commands.
