Posted by & filed under Linux, Server Admin.

Quick and dirty way to pull out the key and crt from a pkcs12 file:

openssl pkcs12 -in filename.pfx -nocerts -out filename.key

openssl pkcs12 -in filename.pfx -clcerts -nokeys -out filename.crt 

If you are using this for Apache and need to strip the password out of the certificate so Apache does not ask for it each time it starts:

openssl rsa -in /path/to/originalkeywithpass.key -out /path/to/newkeywithnopass.key

Leave a Reply

You must be logged in to post a comment.