Conversion of .Crt Certificate to .Pfx format
Recently we faced an issue where a client renewed his certificate from Godaddy, after renewal client found that private key is missing in the certificate. Godaddy support suggested to import the certificate on the same server ,from where the CSR was generated for this certificate, however, that server was removed from the network.
Objective: Conversion of .Crt certificate to .Pfx format.
Solution:
- You must have old Pfx file with password of the same certificate, which is going to expire, or you can export it from existing server.
- Download OpenSSL and Install on Windows PC
- Run the following Command
C:\Windows\system32>cd \
C:\>cd OpenSSL-Win64
C:\OpenSSL-Win64>cd bin
C:\OpenSSL-Win64\bin>
C:\OpenSSL-Win64\bin>openssl - Copy your old pfx file in bin directory and run the following command
OpenSSL> pkcs12 -in Old.pfx -nocerts -out keyfile-encrypted.key
Enter Import Password:
Enter PEM pass phrase:
Verifying – Enter PEM pass phrase: - Above command will extract keyfile and place in bin folder and following command will generate pfx format of certificate
OpenSSL> pkcs12 -export -out New.pfx -inkey keyfile-encrypted.key -in certificate.crt
Enter pass phrase for keyfile-encrypted.key: (same password as you set in above command)
Enter Export Password:
Verifying – Enter Export Password:You will find new file generated (New.pfx) in pfx format in bin folder.
