In this article, we will see how to generate pfx certificate from Public and Private RSA keys. This is done with OpenSSL tool.

OpenSSL is available at https://www.openssl.org/source/

Once installed, OpenSSL is accessed using command prompt.

Generate PFX from Private and Public RSA Keys

In this example the certificate has only the private key and the public key but not the information of intermediate or root CA.

Below are the file list

  • Private Key – csc_private.key
  • Public Key – csc_public.pem

With OpenSSL, the key can be converted to PFX format.

Open command prompt and enter the below command

openssl pkcs12 -export -out ClientCert.pfx -inkey "C:\Cert\csc_private.key" -in "C:\Cert\csc_public.pem" 

This command will prompt to enter the password to secure the certificate. After entering the password, the certificate will be generated.

After the command execution, the certificate file is generated with the name “ClientCert.pfx” as mentioned in the -out parameter in the openssl command.

If certificate chain has to added to the pfx file, then the root and intermediate files can be appended to end of the above command as separate -in parameter. For example ” -in rootCA.pem -in intermCA.pem”

Hope you liked this article and thank you for reading.