Before jumping into the procedure to convert a CER certificate to PFX without the private key. Let’s understand the difference between the certificate formats.
You can always refer X.509 certificate Request for Comments (RFC) and X.509 articles to know about the digital certificates in depth. X.509 certificates come majorly in two formats: Base64 (ASCII) and Binary. Again there are two formats underneath Base64. They are PEM and PKCS#7. As like Base64, Binary has two formats too: DER and PKCS#12. Of all these certificate formats few of them come bundled with a private key and few are not. To tell in short, .cer, .crt, and .p7b formats necessarily don’t have the private key with them. Whereas .pfx is always bundled with a private key.
Most of the Certificate Authorities will not issue certificates with the private key. They just issue and share the certificates in .cer, .crt, and .p7b formats which don’t have the private key in most of the cases. But, your application needs the certificate in .pfx format. Now, you have a .cer certificate in your hand, but you need a .pfx certificate to deploy. And, you can’t convert the .cer certificate to .pfx without the private key. This problem has created confusion in most people and may create delays in the certificate deployment/renewal process.
We thought it is an excellent idea to address this common problem. So we are here to explain the complete step by step process to convert a CER Certificate to PFX Without the private key.
How To Convert A CER Certificate To PFX Without The Private Key?
The procedure is quite simple. You can convert a CER certificate to PFX without the private key in three simple steps. But, this process will require the machine on which you have created the CSR (Certificate Signing Request) Because the private key had been created during the CRS creation process. We are just using the previously create private key to convert the CER certificate to PFX. Bear in mind, this process will work only on Windows platform.
- Import the certificate chain to their respective stores.
- Open the certificate snap-in in the Windows MMC console.
- Export the certificate in .pfx from the MMC console.
Time needed: 5 minutes.
How to Convert a CER Certificate to PFX Without the Private Key?
- Import the certificate to its personal certificate store
Right-click on the certificate file.
Select install certificate.
- Select Local Computer radio button
- Select the default automatic store to import the certificate
- Import the certificate
Click Finish button to complete the import process.
- Import process complets.
Wait for a while until you see a successful message.
- Open MMC in Windows server
Hit Win + R to open the Run utility
Type mmc in the box.
- Add Certificate Snap-in
Go to File > Add/Remove Snap-in..
- Select Certificates and press Add
- Select the User or Computer Certificate snap-in
Select the snap-in which you want to create the certificate. For demonstration we are choosing Compute account.
- Select Local Computer
Select local computer as you are going to create CSR on the same computer.
- Select Certificate (Local Computer) and click Ok
- Load MMC
You will see the certificate in the personal store.
- Export the Certificate
Right Click on the Certificate
Select All Tasks -> Export
- Certificate Export Wizard
Click Next in the Certificate Export Wizard
- Export the Private Key
Select the radio button ‘yes, export the private key’
- Export pfx certificate
Select PFX radio button.
Three options are available to select during the export. Select the one which you need.
- Select Security options to export the pfx certificate.
(Optional) Select the Group or user name of your choice if you want to set the permissions to manage the certificate.
Select a password and enter the password to encrypt the certificate.
Note: It is mandated to select the password. It is recommended to secure the private key.
- Provide the location to save the pfx Certificate.
Browse the location where you want to save the pfx certificate
- Finish to export the pfx certificate
This complete the procedure to convert a CER certificate to PFX without the private key.
Thanks for reading this article. Please read more such interesting articles and keep support us.