Every year the task comes around to renew the SSL certificates for various services, depending on the certificate provider you can’t always download it as a PFX file.
Now for some services that’s fine, but for others – in this case Azure, we need to upload a PFX file.
Now, in this example it was a cert generated by GoDaddy. We get the private key in a file, along with the .crt file. What we need to do is use the 2 and generate the pfx.
We can use the OpenSSL executable, but where to find this on Windows, well if you have Git Desktop installed you can usually find it in the following folder.
C:\Program Files\Git\usr\binNow one note with the private key file, it is usually saved in the wrong encoding, so open it up in notepad (yes it will work for this), or your editor of choosing, you need to make sure the encoding type is UTF-8, my originally key file for example was saved as UTF-8 with BOM – it just doesn’t work.
I usually add this folder to my environment PATH, but that’s your choice.
If you have added it to your PATH, then enter the following at the command prompt in the folder you have your cert file (.crt) and private key file (.key)
openssl pkcs12 -export -in yourcert.crt -inkey yourprivatekey.key -out yournewpfx.pfxIf you didn’t add it to the PATH, then you will need to run the above command from the OpenSSL.exe folder.
Either way, replace the bold files with the appropriate ones for you, it should ask you for a password, then create your PFX file for you.
Easy 🙂
Roland Thompson 