Convert your PFX/P12 Certificate file to a seperate certificate and keyfile

 

Convert your PFX/P12 Certificate file to a seperate certificate and keyfile.

openssl pkcs12 -in [yourfile.pfx/p12] -nocerts -out [keyfile-encrypted.key]

This extracts the private key from the pfx/p12 file. Once entered you need to type in the import password of the pfx/p12 file. This is the password that you used to protect your keypair when you created your pfx/p12 file. Once you entered the import password OpenSSL requests you to type in another password, twice! This new password will protect your .key file.

Extract the certificate:

openssl pkcs12 -in [yourfile.pfx/p12] -clcerts -nokeys -out [certificate.crt]

If your device/software requires an unecrypted .key file use the following command to remove the passphrase from the private key:

openssl rsa -in [keyfile-encrypted.key] -out [keyfile-decrypted.key]

Enter the new password that you created in step 1.

Convert your private key to PEM format. You can do so with the following command:

openssl rsa -in [keyfile-encrypted.key] -outform PEM -out [keyfile-encrypted-pem.key]

 

Leave a Reply

Your email address will not be published. Required fields are marked *