I have been supplied a certificate file; CSR; Public Key and Private key by my SSL Cert reseller, all in txt files with ciphertext inside
It's a bit unusual for a CA (or reseller) to provide the private key to a customer. (In fact I would almost call that malpractice.) Generally the whole point of the CSR process is that the customer generates the private key and the CA (or reseller) never gets to touch it.
What file extension does the private key need to be in? (i will rename txt file with ciphertext to this extension)
The file extension doesn't matter. It's the format inside the file that matters to OpenSSL (and IIS), and renaming the file isn't going to change that.
I understand you can use openssl to insert the private key into the cert. What command do I use for openSSL?
IIS, like most native Windows CAPI things, likely expects the certificate and key to be bundled into a PFX (PKCS#12) file, so you would use openssl pkcs12 -export
to create that.
openssl pkcs12 -export -certfile Chain.txt -in Cert.txt -inkey Key.txt -out IIS.pfx
This is not really about "inserting the key into the cert". If that was the only thing, you could've done that with Notepad. The point here is to repackage both the cert and the key into a completely different format, which just happens to have both in a single file.
Obviously the cert and key will have to be in the correct format for open SSL to work - I have tried a number of different combinations but no luck yet!
OpenSSL accepts the "standard" text format (PEM for certificates, PEM or PKCS#8 for private keys) – the one with -----BEGIN FOO-----
header lines – and the files you received from the CA were most likely generated specifically to work with OpenSSL-based software in the first place.