Ok, so I worked out what the issue was. Both are PKCS #12 file formats, and ASDM did allow ,me to import both formats and reported no problems. However, to correctly 'authenticate' the cert, the .pfx needs to be converted to .p12 format. Using openssl, something like this:
openssl base64 -in <certfilename>.pfx -out <certfilename>.p12
This then correctly associates the signing CA with the identity cert Trustpoint..