The certificate.cer
is your public key and the CACert.cer
file (as it names suggest) is the public key of a CA (maybe the one who has signed your certificate).
The -in
switch specifies input certificate to embed in output file
The -inkey
switch specifies the key file you've generated using OpenSSL
The -out
switch tells the openssl your desired name for output file
The -certfile
is used to specify additional certificates to add to the output pfx file (it could be ignored)