Create PEM with Chain and Key

Creating a .pem with the Private Key and Entire Trust Chain

1. Convert P12/pfx to pem

   1. • Export Private Key From a PKCS#12 File with OpenSSL

openssl pkcs12 -in [yourfile.pfx] -nocerts -out [drlive.key]

1. 1. • Export Certificate From a PKCS#12 File with OpenSSL 

openssl pkcs12 -in [yourfile.pfx] -clcerts -nokeys -out [drlive.crt]

1. 1. • Decrypt the Private Key

openssl rsa -in [drlive.key] -out [drlive-decrypted.key]

2. Open a text editor (such as wordpad) and paste the entire body of each certificate into one text file in the following order:

   1. • The Private Key - your_domain_name.key

      • The Primary Certificate - your_domain_name.crt

      • The Intermediate Certificate - DigiCertCA.crt

      • The Root Certificate - TrustedRoot.crt

3. Make sure to include the beginning and end tags on each certificate. The result should look like this:

-----BEGIN RSA PRIVATE KEY-----

(Your Private Key: your_domain_name.key)

-----END RSA PRIVATE KEY-----

-----BEGIN CERTIFICATE-----

(Your Primary SSL certificate: your_domain_name.crt)

-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----

(Your Intermediate certificate: DigiCertCA.crt)

-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----

(Your Root certificate: TrustedRoot.crt)

-----END CERTIFICATE-----