Had a situation where a client needed a PFX with password for a particular setup. This is something I have not done before, so here are the steps
Generate the key and the CSR
Enter the password when requested. Please ensure you remember this.
Replace domain with your domain name for simplicity.
openssl req -newkey rsa:2048 -nodes -keyout domain.key -out domain.csr
Once validated, you have should have access to these in the package.
- The root cert files
- intermediate cert files
- the domain crt from the TLS/SSL certificate provider.
Run the command to import the files, root, intermediate and domai.
Note in some cases you will have 2 or more intermediate files, please combined into one file and call intermeidate.crt. Rename the "root" cert, rootca.crt.
Generate the PFX
openssl pkcs12 -export -out domain.pfx -in rootca.crt -in intermediate.crt -in domain.crt -inkey domain.key
You will now have the pfx file for use along with the password.
