Creating a PFX file with chain

24 Jul

In some cases it’s necessary to create a pfx file which contains the root and intermediate certificates. We have an application that will not accept the certificate without the certificate chain in there. So here’s how to make that work.

Easiest way is to start notepad twice. With one of the notepads open your intermediate certificate. Copy the content of the intermediate certificate to your empty notepad.

Now open up your root certificate and just paste the contents below your intermediate certificate.

Save your new certificate to something like verisign-chain.cer. Now fire up openssl to create your .pfx file. The command you need to use is:

pkcs12 -export -out your_cert.pfx -inkey your_private.key -in your_cert.cer -certfile verisign-chain.cer
You need to enter the password corresponding to your private key and a new password to protect your new .pfx file

That’s all there is to it.


Leave a Reply