Converting PFX to PEM and Key with OpenSSL

I use the DigiCert utility to generate and complete all my SSL certificate requests. Since upon import these certificates get automatically added to the Windows keystore, and our certificate provider doesn’t provide a good way to get a PEM certificate for Linux-based appliances.

I always seem to forget how to do this and finally I am just going to post this here since I can more easily remember where to find these instructions. Shoutout to UW IT for originally posting these instructions!

  1. Export the file from your Windows certificate store. Make sure the private keys are exportable if need be.
  2. Run the following command to export the private key: openssl pkcs12 -in certname.pfx -nocerts -out key.pem -nodes
  3. Run the following command to export the certificate: openssl pkcs12 -in certname.pfx -nokeys -out cert.pem
  4. Run the following command to remove the passphrase from the private key: openssl rsa -in key.pem -out server.key 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Powered by WordPress.com.

Up ↑

%d bloggers like this: