When you bought a commercial certificate from GoDaddy (or any other CAs), you typically got two files, .crt and .p7b (.p7b is used to build certificate chain so that your certificate can be valided). However, in some cases, you need a .pfx certificate file. For instance, you want to deploy a web application with HTTPs enabled in Windows Azure. So, how can we generate a .pfx file from .crt and .p7b files? In this blog post, I will walk you through two ways to do that.
The first option is using Microsoft Command Console, together with IIS in Windows, which can be completely done via GUI. The official GoDaddy support site has steps in a great detail, please refer to Installing an SSL Certificate in Microsoft IIS 7.
in case the first option does not work for you, the second option comes in handy. We use CertUtil command line tool which is part of Visual Studio development tools. Here are brief steps:
- Perform the same steps 1-19 of Option 1 to import .crt certificate file to local Windows certificate store (local computer\Personal).
- Run the following command line:
certutil -privatekey -exportPFX "ThumbPrint of the certificate" "<name of pfx file>.pfx"
You can get the ThumbPrint by checking the Properties of certificate imported in step 1, please note you need to remove all spaces of the ThumbPrint. You can either remove those spaces manually, or via a simple PowerShell command line like below:
$Thumbprint = "bn fe 5f 0d 59 5c f0 f2 5f a9 fa e9 73 ec 16 e0 b8 75 2b d2" $Thumbprint = $Thumbprint.Replace(" ", ""); $Thumbprint # Here is the result: bnfe5f0d595cf0f25fa9fae973ec16e0b8752bd2
Let me know if you have any feedback. Enjoy reading