Skip to main content

From PFX to PEM

If you ever find yourself in the situation when you need to extract the certificate and the private key from the PFX file you might be somewhat disoriented at first, especially if your experience is limited to Windows systems. Do not despair, it is very easy to do.  

One possible scenario - you have requested and processed the original certificate using IIS, then exported certificate with the private key, either to be stored in the safe place as a backup or to be imported into other servers or devices (typical in case of say wildcard certificates). Then, when you try to import it into a Linux/Apache based appliance, you find out that it requires a slightly different format (a certificate file and a private key file):

First, you would need to get a hold of an OpenSSL toolkit, visit OpenSSL Project website or download Windows installer hereOnce you have installed OpenSSL and have your PFX file handy, you can run the following commands to extract the private key and the certificate into two separate files:

openssl.exe pkcs12 -in XYZ.pfx -nocerts -out XYZprivateKey.pem
openssl.exe pkcs12 -in XYZ.pfx -clcerts -nokeys -out XYZpublicCert.cer

That's it. You can now import them.


  1. I just wanted to say this is an elegantly composed article as we have seen here.Professional swiss work Certificate Generation Tool I got some knowledge from your article and also it is a significant article for us. Thanks for sharing an article like this.


Post a Comment

Popular posts from this blog

Mail-enabled security groups in Office 365

Another update (11/19/2013):  further evolution of Office 365 services makes creation of distribution and security groups even easier, plus there's now an option of creating a dynamic distribution group (click here for more information):    Update (08/06/2012): a clear sign of Office 365 evolving along the same lines as other agile cloud services - small incremental features and minor new functionality are being delivered almost continuously and, unlike important major service updates,  without much fanfare. For example, there's no need to resort to using PowerShell to setup mail-enabled security groups anymore, it can now be done at creation using management portal:       Those managing Office 365 ( O365 ) tenant via the Microsoft Online Services Portal  ( MOS Portal ) interface would notice that there are two distinct group entities: Security Groups: can be created via MOS Portal (main portal page>Management>Security Groups) and used for assigning

Skype for Business and VTC Interoperability

Skype for Business (SfB) has a very, very strong potential, I have written about it in my previous post . I can't think of any other platform that shows as much promise in terms of bridging personal and business communications as well as unifying different modes and mediums. And all of this may have started with a strategic acquisition of Skype by Microsoft in 2011. That said, the road ahead is not without challenges. For example, interoperability with other platforms. Making SfB work with existing Video TeleConferencing (VTC) systems, many of which represent significant capital investments in organizations' infrastructure, could be of a particular importance. After reading statements like Skype for Business is based on Session Initiation Protocol (SIP) standards and supports H.264 (MPEG-4 video coding standard) one can come to a quick conclusion that integration and/or interoperability with other VTC solutions is easy or nearly automatic. Unfortunately, the industry is not

WordPress displays weird characters

Sometimes after a database conversion (e.g. from MySQL to MariaDB) or due to encoding issues a situation might arise when WordPress is showing weird characters. A quick way of remedying the situation would involve examining the pages to discover a pattern (what characters are being substituted, in the example below the apostrophe was replaced by  ’ ) then running an queries against the database to reverse the effect. Here's a quick example (common tables that store content): UPDATE  wp_posts  SET  post_content =  REPLACE (post_content,  'Â' ,  '' )      UPDATE  wp_posts  SET  post_content =  REPLACE (post_content,  '’' ,  "'" )      UPDATE  wp_postmeta  SET  meta_value =  REPLACE (meta_value,  'Â' ,  '' )      UPDATE  wp_postmeta  SET  meta_value =  REPLACE (meta_value,  '’' ,  "'" )      Please, keep in mind that to permanently resolve the issue you would need to get to the root of the p