diff --git a/webmin/CHANGELOG b/webmin/CHANGELOG
index 44acb3af4..49e82bd05 100644
--- a/webmin/CHANGELOG
+++ b/webmin/CHANGELOG
@@ -59,4 +59,4 @@ Converted many pages to use new ui-lib.pl functions, and broke down long forms u
 When Webmin's detected OS is automatically updated, Usermin's will be too (if it is an equivalent version).
 ---- Changes since 1.340 ----
 Added an option to the Proxy Servers form to fallback to a direct connection if the proxy is down.
-Added a tab showing details of the current cert, with a link to download in PEM format.
+Added a tab showing details of the current cert, with a link to download in PEM or PKCS12 format.
diff --git a/webmin/download_cert.cgi b/webmin/download_cert.cgi
index 13065eabd..ff97e3162 100644
--- a/webmin/download_cert.cgi
+++ b/webmin/download_cert.cgi
@@ -1,13 +1,23 @@
 #!/usr/local/bin/perl
-# Output the certificate in PEM format
+# Output the certificate in PEM or PKCS12 format
 
 require './webmin-lib.pl';
 &ReadParse();
 
 &get_miniserv_config(\%miniserv);
-$data = &cert_pem_data($miniserv{'certfile'} || $miniserv{'keyfile'});
+
+if ($ENV{'PATH_INFO'} =~ /\.p12$/) {
+	# PKCS12 format
+	$data = &cert_pkcs12_data($miniserv{'keyfile'}, $miniserv{'certfile'});
+	$type = "application/x-pkcs12";
+	}
+else {
+	# PEM format
+	$data = &cert_pem_data($miniserv{'certfile'} || $miniserv{'keyfile'});
+	$type = "text/plain";
+	}
 if ($data) {
-	print "Content-type: text/plain\n\n";
+	print "Content-type: $type\n\n";
 	print $data;
 	}
 else {
diff --git a/webmin/edit_ssl.cgi b/webmin/edit_ssl.cgi
index 560b452e7..ed0ae4a81 100755
--- a/webmin/edit_ssl.cgi
+++ b/webmin/edit_ssl.cgi
@@ -72,9 +72,13 @@ foreach $i ('cn', 'o', 'email', 'issuer_cn', 'issuer_o', 'issuer_email',
 		print &ui_table_row($text{'ca_'.$i}, $info->{$i});
 		}
 	}
-print &ui_table_row($text{'ssl_download'},
+@clinks = (
 	"<a href='download_cert.cgi/cert.pem'>".
-	"$text{'ssl_pem'}</a>");
+	"$text{'ssl_pem'}</a>",
+	"<a href='download_cert.cgi/cert.p12'>".
+	"$text{'ssl_pkcs12'}</a>"
+	);
+print &ui_table_row($text{'ssl_download'}, &ui_links_row(\@clinks));
 print &ui_table_end();
 print &ui_tabs_end_tab();
 
diff --git a/webmin/lang/en b/webmin/lang/en
index 338e677f8..770681395 100644
--- a/webmin/lang/en
+++ b/webmin/lang/en
@@ -342,7 +342,8 @@ ssl_cheader=Details of current certificate
 ssl_typeself=Self-signed
 ssl_typereal=Signed by CA
 ssl_download=Download certificate
-ssl_pem=PEM format..
+ssl_pem=PEM format
+ssl_pkcs12=PKCS12 format
 ssl_current=This section shows the details of the current Webmin SSL certificate, and allows it to be downloaded so that it can be accepted by your browser.
 ssl_edownload=Failed to extract PEM data from certificate
 
diff --git a/webmin/webmin-lib.pl b/webmin/webmin-lib.pl
index 93a363fb2..2ff62b218 100644
--- a/webmin/webmin-lib.pl
+++ b/webmin/webmin-lib.pl
@@ -1187,4 +1187,27 @@ if ($data =~ /(-----BEGIN\s+CERTIFICATE-----\n([A-Za-z0-9\+\/=\n\r]+)-----END\s+
 return undef;
 }
 
+# cert_pkcs12_data(keyfile, [certfile])
+# Returns a cert in PKCS12 format
+sub cert_pkcs12_data
+{
+local ($keyfile, $certfile) = @_;
+if ($certfile) {
+	open(OUT, "openssl pkcs12 -in ".quotemeta($certfile).
+		  " -inkey ".quotemeta($keyfile).
+		  " -export -passout pass: -nokeys |");
+	}
+else {
+	open(OUT, "openssl pkcs12 -in ".quotemeta($keyfile).
+		  " -export -passout pass: -nokeys |");
+	}
+while(<OUT>) {
+	$data .= $_;
+	}
+close(OUT);
+return $data;
+}
+
+
+
 1;