Converting .P7B (PKCS#7) to .PFX / .P12 (PKCS#12) file format

Both PKCS#12 and .PFX also contain a Private Key, which is typically only known by the client (not the CA!). - Therefore the CA cannot deliver a  .PFX/PKCS#12 file, but usually delivers X.509 .CRT files - possibly PKCS#7 (.P7B) for Windows/IIS servers.

In order to successfully convert a .p7b into .p12 or .pfx, you will require your private key and can use one of the following methods:

a) InterSSL PFX Converter

https://www.interssl.com/de/ssl-tools-pfxconverter.php

b) OPENSSL: (Windows, Linux, OSX)

openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer
openssl pkcs12 -export -in certificate.cer -inkey privateKey.key -out certificate.pfx -certfile CACert.cer

 

c) Alternatively: Microsoft offers a converter tool for Windows via MSDN:

https://msdn.microsoft.com/windows/hardware/drivers/devtest/pvk2pfx

pvk2pfx -pvk mypvkfile.pvk -pi mypassword -spc myspcfile.spc -pfx mypfxfile.pfx -f

same command but alternate file naming conventions:

pvk2pfx -pvk mypvkfile.key -pi mypassword -spc myspcfile.crt -pfx mypfxfile.pfx -f
 

Was this answer helpful?

 Print this Article

Also Read

Converting .CRT (X.509) to .P7B (PKCS#7) file format

Windows:    Instrunctions for Microsoft Windows (Symantec Knowlegde Base) Linux: openssl...

SSL Installation under Apache and Tomcat 6.0, Tomcat 7.0,Tomcat 8.0

Tomcat 6.x: https://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html Tomcat...

How can i verify my SSL certification?

Please use the tools from our SSL Tools site which offer you all kinds of SSL checker tools for...

Configuring Apache with SNI support

https://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI

How to export an existing SSL certificate from Windows IIS and reuse it on Linux (convert .PFX to .KEY and .CRT)

1) In Windows, right click on the SSL certificate and export to .PFX 2) On Linux, convert the...