If you want to create PFX certificate then follow this link- how-to-create-pfx-certificate-using-azure-app-service-certificate
If you have already created pfx certificate then there are 2 ways to generate .CER certificate. As you know pfx certificate will have both private and public key whereas authentication certificate (.CER) will have the public key only. So never share pfx certificate with outside clients.
For configuring Azure App Gateway, you need pfx certificate to for LISTENER and authentication certificate (Base-64 encoded X.509 .cer) for HTTP settings.
You can run below PowerShell command to generate .CER certificate using pfx certificate. You will be required to provide the password for the pfx certificate
You can import the pfx certificate by double clicking on the certificate and then follow the prompts-
Now Open “Microsoft Management Console” (mmc) and follow the steps to create .cer certificate
On the new windows, go to File–>Add/Remove Snap In
Select the certificate and right click go to All Tasks–>Export
Now you have the .cer certificate ready.