Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Generate PKCS12 file from .cer and .pvk

Posted on 2014-01-20
6
Medium Priority
?
2,601 Views
Last Modified: 2014-01-20
Hi Experts,

How can I generate a pfx file from a .cer and .pvk file?

Thanks,
Mike
0
Comment
Question by:thready
  • 3
  • 2
6 Comments
 
LVL 8

Expert Comment

by:amatson78
ID: 39794406
You can use openssl:

# openssl pkcs12 -export -out certificate.pfx -inkey certificate.key -in certificate.crt

If you need to include the certificate chain you can add "-certfile CACert.crt"

# openssl pkcs12 -export -out certificate.pfx -inkey certificate.key -in certificate.crt -certfile CACert.crt

You will be prompted to create a password twice and then cert should be created. You can check the cert with:

#openssl pkcs12 -info -in certificate.pfx
0
 
LVL 1

Author Comment

by:thready
ID: 39794442
My key is in the Microsoft proprietary blob format (.PVK) - not any of the formats required by OpenSSL...
0
 
LVL 8

Accepted Solution

by:
amatson78 earned 1600 total points
ID: 39794522
My apoligies I missed that part. I should have read better. Since you have the .pvk already that part should be good. First convert the .cer to a .spc with Cert2spc.exe (http://msdn.microsoft.com/en-us/library/f657tk8f(v=vs.110).aspx):

cert2Spc.exe certificate.cer certificate.spc

Open in new window


Then once that is done use pvk2pfx (http://msdn.microsoft.com/en-us/library/windows/hardware/ff550672(v=vs.85).aspx) to merge the .spc and the .pvk to a .pfx file:

pvk2pfx.exe -pvk yourkey.pvk -pi <password> -spc certificate.spc -pfx certificate.pfx -po <password>

Open in new window


See if that works for you.

Cheers, Alan
0
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

 
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 400 total points
ID: 39794527
you can download a conversion tool to standard PEM format here:

http://www.drh-consultancy.demon.co.uk/pvk.html

once it is in PEM format, you can use openssl or any other suitable tool (I prefer XCA) to convert that and the CER into the #12 format.
0
 
LVL 1

Author Closing Comment

by:thready
ID: 39794578
Thank you!
0
 
LVL 8

Expert Comment

by:amatson78
ID: 39795678
Glad that it helped and thank you for the Awesome rating :)

Cheers, Alan
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Phishing emails are a popular malware delivery vehicle for attack.  While there are many ways for an attacker to increase the chances of success for their phishing emails, one of the most effective methods involves spoofing the message to appear to …
2017 was a scary year for cyber security.  Hear what our security experts say that hackers have in store for us in 2018.
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question