How to Create a .pfx File

How to combine a private key with a .p7b certificate file to create a .pfx file on Windows Internet Information Server (IIS).

Related Content

Want to keep learning?

Subscribe to SSL.com’s newsletter, stay informed and secure.

Copy article link

Note: This article does not apply to SSL.com code signing and document signing certificates. These types of certificates cannot be generated as .pfx files and their private keys cannot be exported. SSL.com code signing and document signing certificates and their private keys can only be generated and stored in the eSigner cloud signing environment, a Yubikey device, or a supported Cloud HSM.

This article will show you how to combine a private key with a .p7b certificate file to create a .pfx file on Windows Internet Information Server (IIS).

These instructions presume that you have already used “Create Certificate Request” from within IIS to generate a private key and CSR on the server/laptop you are using.  The instructions also presume that the CSR has been submitted, validated, and a signed SSL Certificate has been issued to you and that you have also installed the certificate to your server/laptop.

For information on how to create a .pfx/.p12 certificate using OpenSSL, check out our article here

Compare UCC and SAN certificates, starting at $141.60 per year.

COMPARE

To create a PFX file, you will:

  1. Open MMC and locate the certificate
  2. Export the corrected certificate

Locate the Certificate with MMC

  1. Open MMC on your computer (you can locate this program by typing “mmc” in your Windows search bar).
    IIS7_No_Private_Key_Error_fix_01
  2. Select File > Add/Remove Snap-in (or type Control-M). Select Certificates and click the Add button.
    IIS7_No_Private_Key_Error_fix_02
  3. Select “Computer account” and click Next
    IIS7_No_Private_Key_Error_fix_03_1
  4. Direct the snap-in to manage the Local computer and click Finish.
    IIS7_No_Private_Key_Error_fix_03_2
  5. Click OK to add the snap-in.
  6. Next, navigate to the “Certificates (Local Computer) > Personal > Certificates” folder.
    IIS7_No_Private_Key_Error_fix_05_1
Go to top

Export the Corrected Certificate

Before attempting to export the certificate as a .pfx file, you’ll need the correct key symbol. 

  1. Right-click the certificate and select “All tasks > Export” to open the Certificate Export Wizard.
    IIS7_No_Private_Key_Error_fix_16
  2. After clicking through the Wizard’s welcome page, make sure that the option is set to “Yes, export the private key” and click Next.
    IIS7_No_Private_Key_Error_fix_17_1
  3. Choose the format for the exported certificate (here, a PKCS # 12 -encoded, or .PFX file). Make sure to check the boxes to include all certificates in the path and to export all extended properties, then click Next.
    IIS7_No_Private_Key_Error_fix_18_1
  4. You will be prompted for a password to protect this certificate bundle (a good idea, since it incorporates your private key). Create and confirm your password, then click Next.
    IIS7_No_Private_Key_Error_fix_19_1
  5. Select the name and location of the file you are exporting. You may browse to a location you prefer – make sure to save the file with the .pfx extension.
    Note: Including the date is a good way to differentiate this certificate file from other ones.
    IIS7_No_Private_Key_Error_fix_20_1
  6. Review the information. If this all looks correct, click Finish.
    IIS7_No_Private_Key_Error_fix_21_1
  7. You will receive confirmation that the export was successful.
    IIS7_No_Private_Key_Error_fix_22
Thank you for choosing SSL.com! If you have any questions, please contact us by email at Support@SSL.com, call 1-877-SSL-SECURE, or just click the chat link at the bottom right of this page.

Stay Informed and Secure

SSL.com is a global leader in cybersecurity, PKI and digital certificates. Sign up to receive the latest industry news, tips, and product announcements from SSL.com.

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.

Take Survey