How to Convert Certificates from CER to PFX Format

In this tutorial, I will explain how to easily convert certificates from CER to PFX format. In case you have a certificate file in CER format and then program or the tool you want to use it in supports PFX format then it can take you hours to figure out what to do. But worry not as I have laid out a step-by-step guide to fix this.

CER and PFX files are both commonly used in the context of digital certificates. The difference is of them having public and private keys. Below, you can see what these files actually are. And for some reason, if you want to convert a CER file to PFX, then you can follow the later guide for that.

What is a CER Certificate File?

A CER file or .cer format is used to store public key certificates. It typically contains information such as the certificate holder’s name, public key, issuer, expiration date, and signature.

CER files are usually in the form of a binary DER (Distinguished Encoding Rules) format or a base64-encoded PEM (Privacy-Enhanced Mail) format. CER files are often used to distribute public key certificates to establish secure communication or verify the authenticity of a website or server.

What is a PFX Certificate File?

PFX file, also known as a personal information exchange file or a PKCS #12 file, is a file format used to store a private key and its associated public key certificate. It can also contain intermediate certificates and the certificate chain. PFX files are sometimes password-protected as well to ensure their security.

PFX files are commonly used for importing and exporting certificates and private keys, particularly in scenarios like SSL/TLS certificate installation on web servers or client authentication. You can also use PFX files to sign PDF files or some other documents.

How to Convert Certificates from CER to PFX Format?

1. Install or enable OpenSSL. In Windows 10 and Windows 11, you can open command prompt or PowerShell with administrator rights and run this command: winget install openssl
2. Open command prompt or Terminal with administrator rights in the directory where input CER file is.
   
   
3. Convert .cer file to .pem file first, using OpenSSL. To do this, run the following command.
   openssl x509 -inform der -in CER_FILE -out PEM_FILE
   
4. Now use the generated .pem file to PFX file by supplying your private key. Run this command: openssl pkcs12 -export -in PEM_FILE -inkey Private_Key -out PFX_FILE
   
5. Done

If you follow these steps carefully then you can easily convert any CER file to PEM file. The only thing you have to keep in mind is that you supply the exact private key that belongs to the input CER file. Otherwise, it will not work.

Closing thoughts:

If you are looking for a simple way to convert CER files to PFX then you are in the right place. Just use the commands I have mentioned here and do it in just a few seconds. Here I have used Windows but the process is exactly the same for Linux and macOS. On other platforms, you will often find OpenSSL preinstalled. So, all you have to do is just open the terminal and run the commands.