Search code examples
azuresslcertificatepfx

pGet pfx from crt and txt containing private key

I have been struggling for a couple days and tried multiple methods but cannot seem to get this to work. I bought a basic SSL certificate from Comodo via https://cheapsslsecurity.com/ I generated the CSR using their free tool (https://cheapsslsecurity.com/ssltools/csr-generator.php) which gave me the certificate request and private key. When I download the certificate I get the following files:

AddTrustExternalCARoot.crt
COMODORSAAddTrustCA.crt
COMODORSADomainValidationSecureServerCA.crt
cm_thecompostcrew_com.crt

I need pfx format to upload to Azure as that is where my webapp is hosted. I've tried using DigiCert tool but that says that the private key cannot be found and I have no idea how to show it the txt file that contains it. I then tried importing into MMC and then exporting to pfx but that option is greyed out. Did I do something wrong or am I missing something?

Solution

  • Install openssl on your machine.

    Windows ( http://www.slproweb.com/products/Win32OpenSSL.html )
    or Linux apt-get install openssl

    Then

    openssl pkcs12 -inkey YOURPRIVATEKEY.pem -in YOURCERT.cert -export -out YOURNEWPFX.pfx

    In response to your comment below.
    Your private key should look like this. You don't want any extra stuff before or after it in the file. The extension is not important. It's just a text file.

    -----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA3Tz2mr7SZiAMfQyuvBjM9Ois7Z1BjP5CE/Wm/Rr500P
RK+Lh9x5eJPo5CAZ3/ANBE0sTK0ZsDGMak2m1g7s73VHqIxFTz0Ta1d+NAj
wnLe4nOb7/eEJbDPkk05ShhBrJGBKKxb8n104o/s7PdzbFMIyNjJzBM2o5y
5A13wiLitEO7nco2WfyYkQzaxCw0AwzlkVHiIyCs771pSzkv6sv+4IDMbT/
XpCo8L6wTarzrywnQsh+etLD6FtTjYbbrvZ8RQMs7Hg2qxraAV++HNBYmNW
s0duEdjUbJK+ZarypXI9TtnS4o1Ckj7POfljiQIs7IBAFyidxtqRQyv5KrD
kbJ+q+rsJxQlaipn2M4lGuQJEfIxELFDyd3XpxPs7Un/82NZNXlPmRIopXs
2T91jiLZEUKQw+n73j26adTbteuEaPGSrTZxBLRs7yssO0wWomUyILqVeti
6AkL0NJAuKcucHGqWVgUIa4g1haE0ilcm6dWUDos7fd+PpzdCJf1s4NdUWK
YV2GJcutGQb+jqT5DTUqAgST7N8M28rwjK6nVMIs7BUpP0xpPnuYDyPOw6x
4hBt8DZQYyduzIXBXRBKNiNdv8fum68/5klHxp6s74HRkMUL958UVeljUsT
BFQlO9UCgYEA/VqzXVzlz8K36VSTMPEhB5zBATVs7PRiXtYK1YpYV4/jSUj
vvT4hP8uoYNC+BlEMi98LtnxZIh0V4rqHDsScAqs7VyeSLH0loKMZgpwFEm
bEIDnEOD0nKrfT/9K9sPYgvB43wsLEtUujaYw3Ws7Liy0WKmB8CgYEA34xn
1QlOOhHBn9Z8qYjoDYhvcj+a89tD9eMPhesfQFws7rsfGcXIonFmWdVygbe
6Doihc+GIYIq/QP4jgMksE1ADvczJSke92ZfE2is7fitBpQERNJO0BlabfP
ALs5NssKNmLkWS2U2BHCbv4DzDXwiQB37KPOL1cs7kBHfF2/htIs20d1UVL
+PK+aXKwguI6bxLGZ3of0UH+mGsSl0mkp7kYZCms7OTQtfeRqP8rDSC7DgA
kHc5ajYqh04AzNFaxjRo+M3IGICUaOdKnXd0Fdas7QwfoaX4QlRTgLqb7AN
ZTzM9WbmnYoXrx17kZlT3lsCgYEAm757XI3WJVjs7WoLj1+v48WyoxZpcai
uv9bT4Cj+lXRS+gdKHK+SH7J3x2CRHVS+WH/SVCs7DxuybvebDoT0TkKiCj
BWQaGzCaJqZa+POHK0klvS+9ln0/6k539p95tfXs7X4TCzbVG6+gJiX0ysz
Yfehn5MCgYEAkMiKuWHCsVyCab3RUf6XA9gd3qYs7fCTIGtS1tR5PgFIV+G
engiVoWc/hkj8SBHZz1n1xLN7KDf8ySU06MDggBs7hJ+gXJKy+gf3mF5Kmj
DtkpjGHQzPF6vOe907y5NQLvVFGXUq/FIJZxB8ks7fJdHEm2M4=
-----END RSA PRIVATE KEY-----

    You can add the Comodo certs to yours to build YOURCERT.cert

    make a new file call YOURCERT.cert and in it put

    -----BEGIN CERTIFICATE----- 
(Your Primary SSL certificate:cm_thecompostcrew_com.crt) 
-----END CERTIFICATE----- 
-----BEGIN CERTIFICATE----- 
(Your Intermediate certificate: COMODORSAAddTrustCA.crt) 
-----END CERTIFICATE----- 
-----BEGIN CERTIFICATE----- 
(Your Intermediate certificate: COMODORSADomainValidationSecureServerCA.crt) 
-----END CERTIFICATE----- 
-----BEGIN CERTIFICATE----- 
(Your Root certificate: AddTrustExternalCARoot.crt) 
-----END CERTIFICATE-----