https://humberto.io/tags/key/Recent content in Key on Humberto RochaHugoenMon, 10 Jul 2023 17:35:05 -0400https://humberto.io/bits/extract-certificate-and-key-from-pfx-file/Mon, 10 Jul 2023 00:00:00 +0000https://humberto.io/bits/extract-certificate-and-key-from-pfx-file/<p>Extract the certificate from the <code>.pfx</code> file:</p> <div class="highlight"><pre tabindex="0" style="color:#cdd6f4;background-color:#1e1e2e;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span>openssl pkcs12 -in &lt;DOT_PFX_FILE&gt; -clcerts -nokeys -chain -out certificate.crt </span></span></code></pre></div><p>Extract the private key in <code>.pem</code> format without encryption from the <code>.pfx</code> file:</p> <div class="highlight"><pre tabindex="0" style="color:#cdd6f4;background-color:#1e1e2e;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span>openssl pkcs12 -in &lt;DOT_PFX_FILE&gt; -nocerts -nodes -out private_key.pem </span></span></code></pre></div><p>Convert the <code>.pem</code> into <code>RSA</code> key format:</p> <div class="highlight"><pre tabindex="0" style="color:#cdd6f4;background-color:#1e1e2e;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span>openssl rsa -in private_key.pem -out id_rsa </span></span></code></pre></div><p>If you are using OpenSSL 3 it will default it&rsquo;s output to be in <code>PKCS8</code> format, that contains encapsulation boundaries like this:</p>