I still can't seem to get anywhere with this. I assume this is not too uncommon of a scenario.
1) From IIS7 I generated and sent two CSRs to a 3rd party CA to sign for me
2) CA returned the files in .PEM format and told me that I'd need to convert them for IIS.
3) I see the two requests when using MMC and adding a Snap-In to > Certificates (Local Computer) > Certificate Enrollment Requests
4) So for each one, I right clicked > selected Export... > Yes, export the private key > checked Include all certificates in the certification path if possible > completed remaining steps
5) Saved the newly created .PFX files
6) I installed OpenSSL as I continue read this tool will get the job done
7) I ran the below OpenSSL command to see what I'd get in return:
openssl pkcs12 -export -in server_sign.pem -inkey serverweb1.pfx -out server_sign.pfx -name "WEB01 Server Certificate"
server_sign.pem = the file sent back to me by the CA
serverweb1.pfx = the exported key (step 4 & 5 above)
server_sign.pfx = the desired output file in .PFX format
Will not work! I get "unable to load private key" command line error.
I am so at a loss with this.