You don’t really need to use openssl to produce a PFX file, it is supported natively by le64 - see https://github.com/do-know/Crypt-LE#pfxp12-iis-support
As for the error you are seeing when attempting to convert with openssl, that might be due to the fact that by default the certificate file (mydomain.crt in your case) contains 2 certificates - for your domain and the intermediate one. Those can be stored separately (domain certificate to .crt file and intermediate to .ca file) if -legacy option is used. Alternatively you can just split that crt file leaving only your domain certificate in it - the answer given in ZeroSSL FAQ might apply to your case as well.