Combine A Private Key With .p7b Certificate file (How to Create a .pfx File)

This article will show you how to combine a private key with a .p7b certificate file to create a .pfx file on Windows Internet Information Server (IIS).  These instructions presume that you have already used “Create Certificate Request” from within IIS to generate a private key and CSR on the server/laptop you are using.  The instructions also presume that the CSR has been submitted, validated, and a signed SSL Certificate has been issued to you and that you have also installed the certificate to your server/laptop.

To create a PFX file, you will:

  1. Open MMC and locate the certificate
  2. Export the corrected certificate

Locate the Certificate with MMC

1. Open MMC on your computer (you can locate this program by typing “mmc” in your Windows search bar).


2. Select “File > Add/Remove Snap-in” (or type Control-M). Select “Certificates” and click the Add button.


3. Select “Computer account” and click Next


…then direct the snap-in to manage the “Local computer” and click Finish.


4. Click OK to add the snap-in.

5. Next, navigate to the “Certificates (Local Computer) > Personal > Certificates” folder.


Export the Corrected Certificate

7. Right-click the certificate and select “All tasks > Export” to open the Certificate Export Wizard.


8. After clicking through the Wizard’s welcome page, make sure that the option is set to “Yes, export the private key” and click Next.


9. Choose the format for the exported certificate (here, a PKCS # 12 -encoded, or .PFX file). Make sure to check the boxes to include all certificates in the path and to export all extended properties, then click Next.


10. You will be prompted for a password to protect this certificate bundle (a good idea, since it incorporates your private key). Create and confirm your password, then click Next.


11.  Select the name and location of the file you are exporting. You may browse to a location you prefer – make sure to save the file with the .pfx extension.

Note: Including the date is a good way to differentiate this certificate file from other ones.


12. Review the information. If this all looks correct, click Finish.


You will receive confirmation that the export was successful.