Security

This artice shows how to extract all the certificates and key file from .pfx file using openssl and remove any password if required.

Conversion to a combined PEM file

To convert a PFX file to a PEM file that contains both the certificate and private key, the following command needs to be used:

# openssl pkcs12 -in filename.pfx -out cert.pem -nodes

Conversion to separate PEM files

We can extract the private key form a PFX to a PEM file with this command:

# openssl pkcs12 -in filename.pfx -nocerts -out key.pem

Exporting the certificate only:

# openssl pkcs12 -in filename.pfx -clcerts -nokeys -out cert.pem

Removing the password from the extracted private key:

# openssl rsa -in key.pem -out server.key

Leave a Comment

Your email address will not be published. Required fields are marked *