1 min read

SSL Certificate convert to .pfx accepted by Azure

If you want to import a certificate into key vault in Azure you are required to have tour SSL certificate in a valid .pfx format. I struggled a bit to get that working and so I figured I will post it here to help anyone else googling like crazy for an answer.

So you have created a certificate or acquired one from a certificate authority (CA) and should have a Private Key file as well as a Certificate Signing Request (CSR) file.

  • private.key
  • private.csr

Using these you have acquired a certificate through a CA such as Cloudfare, Globalsign, Namecheap, DigiCert etc.etc.

  • domain_com.crt

Now with these files you can now create a valid .PFX file required by Azure key vault using openssl in terminal on unix/mac.

openssl pkcs12 -inkey private.key -in domain_com.crt -export -out domain_com.pfx

When doing the command you will be prompted with the possibility of setting a password.

Enter Export Password:
Verifying - Enter Export Password:

This password you need to remember to also provide when uploading to Azure keyvault.