I am using ESET ERA (Security Software Remote Administration Console) on a VPS running on Ubuntu 16.04 x64. The Mobile Device Connecter module in the software requires a pkcs12 (.pfx) file for the domain on which it will be used.
While using version 6 of ESET, I used the command :
sudo openssl pkcs12 -inkey /etc/letsencrypt/live/my.domain/privkey.pem -in /etc/letsencrypt/live/my.domain/fullchain.pem -export -out /etc/letsencrypt/live/my.domain/certificate.pfx -password pass:pass123
to generate the required .pfx file and it worked. But from version 7, the requirements have changed and now the software requires that the pfx file should include issuer root CA certificate alongwith the chain and certificate for the domain. I am assuming that the command that I use above does not include the root CA certificate as the software gives an error that the HTTPS certificate chain is incomplete.
Can any one please provide a step by step guide / command on how to generate a pfx file with issuer root CA certificate alongwith the chain and certificate.