You need to get them to give you a base64-encoded certificate in PEM format.
So imported the PFX file into vCenter in a temp directory and ran these three commands:
openssl pkcs12 -in <filename.pfx> -nocerts -nodes | sed -ne '/-BEGIN PRIVATE KEY-/,/-END PRIVATE KEY-/p' > <clientcert.key>
openssl pkcs12 -in <filename.pfx> -clcerts -nokeys | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > <clientcert.cer>
openssl pkcs12 -in <filename.pfx> -cacerts -nokeys -chain | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > <cacerts.cer>
That gave me the three files I was looking for and replaced the certificates with no issue.
I had generated the three files from pfx. How to proceed further? Can you say where I have to replace these files?