Extract SSL Certificate and SSL Certificate Key From .PFX File
A pfx file is password protected certificate archive which contains your certificate and the private key.
domain.tld.key
The private decrypted RSA key file for the certificate. (ssl_certificate_key)domain.tld.crt
The certificate file for the domainbundle.crt
The certificate file for the issuerdomain.tld.chained.crt
The concatted file which consists ofdomain.tld.crt
andbundle.crt
(ssl_certificate)
Get the .key file
Extract the encrypted key using:
openssl pkcs12 -in cert.pfx -nocerts -out domain.tld.encrypted.key
Decrypt the encrypted key using:
openssl rsa -in domain.tld.encrypted.key -out domain.tld.key
Delete the domain.tld.encrypted.key
file since we won’t need it.
Get the .crt file
Get your domain certificate using:
openssl pkcs12 -in cert.pfx -clcerts -nokeys -out domain.tld.crt
Get your CA certificate using:
openssl pkcs12 -in cert.pfx -cacerts -out bundle.crt
Concat the 2 .crt files into a chained.crt:
cat domain.tld.crt bundle.crt > domain.tld.chained.crt
Delete the bundle.crt
and domain.tld.crt
files.
Implementation
You can use domain.tld.chained.crt
as SSL certificate file and domain.tld.key
as SSL certificate key file.