Solved

Generate PKCS12 file from .cer and .pvk

Posted on 2014-01-20
6
2,241 Views
Last Modified: 2014-01-20
Hi Experts,

How can I generate a pfx file from a .cer and .pvk file?

Thanks,
Mike
0
Comment
Question by:thready
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 8

Expert Comment

by:amatson78
ID: 39794406
You can use openssl:

# openssl pkcs12 -export -out certificate.pfx -inkey certificate.key -in certificate.crt

If you need to include the certificate chain you can add "-certfile CACert.crt"

# openssl pkcs12 -export -out certificate.pfx -inkey certificate.key -in certificate.crt -certfile CACert.crt

You will be prompted to create a password twice and then cert should be created. You can check the cert with:

#openssl pkcs12 -info -in certificate.pfx
0
 
LVL 1

Author Comment

by:thready
ID: 39794442
My key is in the Microsoft proprietary blob format (.PVK) - not any of the formats required by OpenSSL...
0
 
LVL 8

Accepted Solution

by:
amatson78 earned 400 total points
ID: 39794522
My apoligies I missed that part. I should have read better. Since you have the .pvk already that part should be good. First convert the .cer to a .spc with Cert2spc.exe (http://msdn.microsoft.com/en-us/library/f657tk8f(v=vs.110).aspx):

cert2Spc.exe certificate.cer certificate.spc

Open in new window


Then once that is done use pvk2pfx (http://msdn.microsoft.com/en-us/library/windows/hardware/ff550672(v=vs.85).aspx) to merge the .spc and the .pvk to a .pfx file:

pvk2pfx.exe -pvk yourkey.pvk -pi <password> -spc certificate.spc -pfx certificate.pfx -po <password>

Open in new window


See if that works for you.

Cheers, Alan
0
Is your NGFW recommended by NSS Labs?

Ours is! NSS Labs Next Generation Firewall Test gives the WatchGuard Firebox M4600 a "Recommended" rating! Curious where your NGFW landed on the  Security Value Map? See the map and download the full report today!

 
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 100 total points
ID: 39794527
you can download a conversion tool to standard PEM format here:

http://www.drh-consultancy.demon.co.uk/pvk.html

once it is in PEM format, you can use openssl or any other suitable tool (I prefer XCA) to convert that and the CER into the #12 format.
0
 
LVL 1

Author Closing Comment

by:thready
ID: 39794578
Thank you!
0
 
LVL 8

Expert Comment

by:amatson78
ID: 39795678
Glad that it helped and thank you for the Awesome rating :)

Cheers, Alan
0

Featured Post

Retailers - Is your network secure?

With the prevalence of social media & networking tools, for retailers, reputation is critical. Have you considered the impact your network security could have in your customer's experience? Learn more in our Retail Security Resource Kit Today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to security, close monitoring is a must. According to WhiteHat Security annual report, a substantial number of all web applications are vulnerable always. Monitis offers a new product - fully-featured Website security monitoring and pr…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question