Ever had the issue that when creating a wildcard cert with generated private key you get the key + certificate files from GoDaddy and need to create a .pfx file for some reason? And then openssl command complains that private key isn’t valid? Hope this helps.


Get your zip for Apache from GoDaddy and unzip it. You should now have the generated private key, certificate file and the intermediate certificate file.

Fixing private key

This one is easy. Just open the private key file in your favorite editor and convert the file from UTF-8 BOM to UTF-8 or ASCII and openssl will be happy.

Or just use command line with

iconv -c -f UTF8 -t ASCII generated-private-key.txt > private.key

Combining keys

To combine the separate certifcates and key to a .pfx file run following:

openssl pkcs12 -export -out certificate.pfx -inkey private.key -in certificate.crt -certfile g2_bundle.crt

OpenSSL will prompt you for a password, generate a secure one, input the password twice and you should have a nice certificate.pfx with everything you’ll need.