ZeroSSL by default supplies certificates in PEM format. To convert your certificate to PKCS12 please follow these steps:
- Download your certificate from ZeroSSL and unzip it to a folder on your harddisk
If you're using Windows, install OpenSSL and add it to your path. This guide might be helpful. MacOS has Openssl pre-installed, most Linux distributions as well.
OpenSSL Download
- On MacOS and Linux, open a terminal (on Windows, open a command prompt) and change to the directory where you extracted the certificates to
- Run the following commands to generate the "certificate.p12" PKCS12 file:
On MacOS or Linux:
cat certificate.crt ca_bundle.crt > full_chain.crt
openssl pkcs12 -export -out certificate.p12 -inkey private.key -in full_chain.crt
(input any export password for future import use)
The export password (and import password later) should be inputted here
On Windows:
(copy the certificate files to C:\Program Files\OpenSSL-Win64\bin and run cmd as administrator at that folder path)
copy /b certificate.crt + ca_bundle.crt full_chain.crt
openssl pkcs12 -export -out certificate.p12 -inkey private.key -in full_chain.crt
(input any export password for future import use)
Convert to pfx file
openssl pkcs12 -export -out certificate.pfx -inkey privateKey.txt -in full_chain.crt -certfile ca_bundle.crt