I found that folder with cert contain 4 files
cert.pem chain.pem fullchain.pem privkey.pem . So the my old command that I used for ZeroSSL crt files has generated valid for my IIS certificate.pfx . The command is
openssl pkcs12 -macalg SHA1 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES -export -out certificate.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem
Also I've imported chain.pem file with no changes to Intermediate Certification Authorities and this work for me with no problems.
Also I've find that I should use key -d *.my-domain.com in certbot to create wildcard certificate so for now it looks like my problem solved.
Thanks for your job LetsEncrypt and certbot.