I'm trying to connect to a server coded using C++ and an openssl wrapper. I'm using C#. The server has provided me with:
1. A certificate (.crt - header of "-----BEGIN TRUSTED CERTIFICATE-----")
2. A private, encrypted key (.key - header of "-----BEGIN ENCRYPTED PRIVATE KEY-----"). This key is reported to be an AES 256 CBC encrypted key.
3. A ca-chain.pem file containing two "-----BEGIN TRUSTED CERTIFICATE-----" headers.

I cannot for the life of me figure out how to generate an X509Certificate2 object to provide in the SslStream.BeginAuthenticateAsClient call. Being a novice at secure sockets, I'm not familiar with how to use the chain file or certificate, nor can I find anything on the use of an AES-encrypted private key.

Can anyone provide an example to look at or an explanation of how these three files play together when authenticating as a client?

It should be noted that the openssl s_client connection works using the three files. Replicating the command in C# is what I'm trying to do.

What I have tried:

1. I've tried using openssl to create a pfx file (reported to be the combination of the crt, key, and pem files) and use that to load the X509 certificate. The remote party (server) closes the transport stream immediately.
2. I've used openssl to create a pfx file from the server's crt and key file, used it in a TcpListener authentication process and it complains about the client and server not possessing a common algorithm. That doesn't make sense if I can connect the two sides using openssl command line commands.
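
One way to load the three files described in the question and present the client certificate through SslStream, as an added example that is not part of the original post. It assumes .NET 5 or later and that the certificate and chain files have been re-saved with standard `-----BEGIN CERTIFICATE-----` headers; the class name, parameters and file paths are hypothetical.

```csharp
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Cryptography.X509Certificates;

static class MutualTlsClient
{
    // host, port, the three paths and the key password are placeholders (assumptions).
    public static SslStream Connect(string host, int port, string certPem,
                                    string keyPem, string caChainPem, string keyPassword)
    {
        // Pair the client certificate with its encrypted PKCS#8 private key.
        using var pemCert = X509Certificate2.CreateFromEncryptedPemFile(certPem, keyPassword, keyPem);
        // On Windows, SChannel may reject a key that exists only in memory;
        // re-importing the pair as PKCS#12 works around that.
        var clientCert = new X509Certificate2(pemCert.Export(X509ContentType.Pkcs12));

        // The CA chain validates the server; it is not the client identity.
        var caChain = new X509Certificate2Collection();
        caChain.ImportFromPemFile(caChainPem);

        var options = new SslClientAuthenticationOptions
        {
            TargetHost = host, // must match a name in the server certificate
            ClientCertificates = new X509CertificateCollection { clientCert },
            RemoteCertificateValidationCallback = (_, cert, _, errors) =>
            {
                if (cert is null || errors.HasFlag(SslPolicyErrors.RemoteCertificateNameMismatch))
                    return false;
                // Trust only the supplied chain, not the machine root store.
                using var chain = new X509Chain();
                chain.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust;
                chain.ChainPolicy.CustomTrustStore.AddRange(caChain);
                chain.ChainPolicy.ExtraStore.AddRange(caChain);
                return chain.Build(new X509Certificate2(cert));
            }
        };

        var ssl = new SslStream(new TcpClient(host, port).GetStream(), leaveInnerStreamOpen: false);
        try
        {
            ssl.AuthenticateAsClient(options);
            return ssl;
        }
        catch
        {
            ssl.Dispose(); // close the socket if the handshake fails
            throw;
        }
    }
}
```

The validation callback keeps the host name check and chain building in place, so a handshake that fails here points at a trust or naming problem rather than being silently accepted.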

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)