December 19, 2020

Extract SSL Certificate and SSL Certificate Key From .PFX File

A .pfx file is a password-protected certificate archive that contains your certificate and its private key. The steps below work with the following files:

  • domain.tld.key The decrypted RSA private key file for the certificate. (ssl_certificate_key)
  • domain.tld.crt The certificate file for the domain
  • bundle.crt The certificate file for the issuer
  • domain.tld.chained.crt The concatenated file, which consists of domain.tld.crt followed by bundle.crt (ssl_certificate)

Get the .key file

Extract the encrypted key using:

openssl pkcs12 -in cert.pfx -nocerts -out domain.tld.encrypted.key

Decrypt the encrypted key using:

openssl rsa -in domain.tld.encrypted.key -out domain.tld.key

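Delete the domain.tld.encrypted.key file since we won’t need it. The resulting domain.tld.key is no longer password protected, so keep its file permissions restricted to the owner.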

Get the .crt file

Get your domain certificate using:

openssl pkcs12 -in cert.pfx -clcerts -nokeys -out domain.tld.crt

Get your CA certificate using (-nokeys keeps the private key out of the bundle, as in the previous command):

openssl pkcs12 -in cert.pfx -cacerts -nokeys -out bundle.crt

Concatenate the two .crt files into domain.tld.chained.crt, with the domain certificate first:

cat domain.tld.crt bundle.crt > domain.tld.chained.crt

Delete the bundle.crt and domain.tld.crt files.

Implementation

You can use domain.tld.chained.crt as the SSL certificate file (ssl_certificate) and domain.tld.key as the SSL certificate key file (ssl_certificate_key).
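The steps above as a non-interactive script, followed by checks worth running before the files go onto a server. This is an added example, not part of the original post, and it goes slightly beyond the steps by verifying the result. The function names, the PFX_PASS variable and the throwaway self-signed PFX are assumptions made for the demo.

```shell
#!/bin/sh
# Added example, not from the original post. File names follow the article;
# the PFX, its password and the temp directory are constructed for the demo.

# extract_pfx <pfx> <outdir>: the article's steps, run non-interactively.
# The password comes from $PFX_PASS (env:), so it never shows up in argv.
extract_pfx() (
    umask 077   # every file written here, the key included, is owner-only
    o=$2
    openssl pkcs12 -in "$1" -nocerts -passin env:PFX_PASS \
        -passout env:PFX_PASS -out "$o/domain.tld.encrypted.key" &&
    openssl rsa -in "$o/domain.tld.encrypted.key" -passin env:PFX_PASS \
        -out "$o/domain.tld.key" &&
    rm -f "$o/domain.tld.encrypted.key" &&
    openssl pkcs12 -in "$1" -clcerts -nokeys -passin env:PFX_PASS -out "$o/domain.tld.crt" &&
    openssl pkcs12 -in "$1" -cacerts -nokeys -passin env:PFX_PASS -out "$o/bundle.crt" &&
    cat "$o/domain.tld.crt" "$o/bundle.crt" > "$o/domain.tld.chained.crt" &&
    rm -f "$o/domain.tld.crt" "$o/bundle.crt"
)

# key_matches_cert <key> <certfile>: 0 only if the key and the FIRST
# certificate in the file (the one the server presents) share a public key.
key_matches_cert() {
    key_pub=$(openssl pkey -in "$1" -passin pass: -pubout 2>/dev/null) || return 2
    crt_pub=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 2
    [ -n "$key_pub" ] && [ "$key_pub" = "$crt_pub" ]
}

# chain_has_no_key <file>: 0 if no private-key block ended up in the file.
chain_has_no_key() { ! grep -q 'PRIVATE KEY-----' "$1"; }

# key_is_owner_only <file>: 0 if the mode is exactly rw-------.
key_is_owner_only() { [ "$(ls -l "$1" | cut -c1-10)" = "-rw-------" ]; }

# make_demo_pfx <dir>: throwaway self-signed pair packed as <dir>/cert.pfx.
make_demo_pfx() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=domain.tld" \
        -keyout "$1/src.key" -out "$1/src.crt" 2>/dev/null &&
    openssl pkcs12 -export -inkey "$1/src.key" -in "$1/src.crt" \
        -passout env:PFX_PASS -out "$1/cert.pfx"
}

PFX_PASS=constructed-demo-pass; export PFX_PASS
work=$(mktemp -d) && make_demo_pfx "$work" && extract_pfx "$work/cert.pfx" "$work" &&
    key_matches_cert "$work/domain.tld.key" "$work/domain.tld.chained.crt" &&
    chain_has_no_key "$work/domain.tld.chained.crt" &&
    key_is_owner_only "$work/domain.tld.key" && echo "extracted files are consistent"
rm -rf "$work"
```

For a real archive, export PFX_PASS with the archive's import password and call extract_pfx on it instead of the demo PFX; the three checks apply unchanged.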
