How to Extract Private Key and SSL Certificate from a Certificate.pfx file

 

If you have an SSL certificate in pfx format (also called PKCS#12 format) and that usually includes the SSL certificate for your host or domain along with the private key (usually the key is secured with a password), and if you want to extract the certificate file and the private key, here what you can do

Assuming the name of the certificate is MyCertificate.pfx

1- download/Install/extract OpenSSL command line utility into a temp folder.

2- Copy the the MyCertificate.pfx certificate file into that folder.

3- To export the ssl certificate into pem format

openssl  pkcs12  -in  MyCertificate.pfx  -nokeys  -out  MyCertificate.pem

4- To export private key:
openssl  pkcs12  -in MyCertificate.pfx  -nocerts  -out  MyPrivateKey.pem  -nodes

5- To remove the passphrase/password from the private key:
openssl rsa  -in  MyPrivateKey.pem  -out   NewPrivateKey.key

Now you have you have the certificate MyCerificate.pem & the private key NewPrivateKey.key (the names here could be anything – you can name them or rename them to anything descriptive or to whatever your webserver/web application documentation requires).

 

My notes on Halo (unrelated to the above)

Open the “cert” on the servers desktop, backup the current certificate and private key and move them out.  Copy the new cert and private key and match the names to backup files..

Restart Halo services.

 

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *