Say you have a .crt and a .key and wanted to install the certificate for use on a Windows Server.  If you just import the .crt you'll only have 1/2.  You need both the private and public key.  I had to do this very thing yesterday for updating a wildcard certificate on my Citrix Secure Gateway server.  With Microsoft Windows you can only import .PFX and .P12 files into the certificate store.  Here's what I had to do.

Installed the windows version of OpenSSL.  Which can be found Here.  If you don't know much about it, basically it's a command line tool used for converting certificates to different formats.  Atleast that's what I've only used it for, but I'm not a cryptology specialist at all.  I have a very basic understanding of how SSL works.

After a simple a next, next finish installation.

I ran the following command:

     openssl pkcs12 -export -in certfile.crt -inkey keyfile.key -out newcertkey.p12

Just rename your files as necessary and voila, it spits out a file that can be imported right into a Windows Server certificate store.

On another note sometimes a .key file will have everything needed in it.  To check if the key does contain both sides of the puzzle, you can run the following commands on your .key file to verify that.

     openssl rsa -text -in keyfile.key


     openssl dsa -text -in keyfile.key

Based on the output of each command, you can tell whether or not you have enough to convert they key to a .P12.