Converting a PFX (PKCS #12) file to PEM (Privacy Enhanced Mail) format is quite simple on Linux and Unix like systems. In this blog post, we will see how to convert a certificate file in PFX format to PEM file using OpenSSL from the command line.
PFX (also PKCS#12) is a file format that contains certificate(s) and private key(s) encrypted with a password. It usually has .pfx or .p12 file extensions. PFX files are typically used to securely transfer SSL certificates and their private keys from one server to another.
PEM (Privacy Enhanced Mail) is another file format that may contain just the certificate or the certificate with its private key. PEM files usually have extensions such as .pem, .key, .crt, .cer, etc. PEM encoded files are widely used for storing SSL certificates and keys on web servers.
You can use the OpenSSL command line tool to convert a PFX file to PEM format. An open-source toolkit that implements Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols as well as general-purpose cryptography libraries.
To convert PFX to a PEM file containing a certificate as well as a private key:
openssl pkcs12 -in certname.pfx -out certname.pem -nodes
To convert PFX and get separate PEM files for certificate and key:
# Extract private key
openssl pkcs12 -in certname.pfx -nocerts -out key.pem
# Extract certificate
openssl pkcs12 -in certname.pfx -clcerts -nokeys -out cert.pem
You can also remove passphrase from the private key:
openssl rsa -in key.pem -out server.key
And finally, concatenate the key and certificate:
cat key.pem cert.pem > certname-full.pem
This will give you a combined PEM file with a certificate and unlocked private key that can be used on web servers like Nginx/Apache.
Hope this post helped you in understanding and converting PFX certificates to PEM format on Linux/Unix systems using the OpenSSL command line tool. Let me know if you have any questions!
Thanks for reading this post. Please share this post and help secure the digital world. Visit our website, thesecmaster.com, and our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, Medium, and Instagram and subscribe to receive updates like this.
You may also like these articles:
Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.
“Knowledge Arsenal: Empowering Your Security Journey through Continuous Learning”
"Cybersecurity All-in-One For Dummies" offers a comprehensive guide to securing personal and business digital assets from cyber threats, with actionable insights from industry experts.
BurpGPT is a cutting-edge Burp Suite extension that harnesses the power of OpenAI's language models to revolutionize web application security testing. With customizable prompts and advanced AI capabilities, BurpGPT enables security professionals to uncover bespoke vulnerabilities, streamline assessments, and stay ahead of evolving threats.
PentestGPT, developed by Gelei Deng and team, revolutionizes penetration testing by harnessing AI power. Leveraging OpenAI's GPT-4, it automates and streamlines the process, making it efficient and accessible. With advanced features and interactive guidance, PentestGPT empowers testers to identify vulnerabilities effectively, representing a significant leap in cybersecurity.
Tenable BurpGPT is a powerful Burp Suite extension that leverages OpenAI's advanced language models to analyze HTTP traffic and identify potential security risks. By automating vulnerability detection and providing AI-generated insights, BurpGPT dramatically reduces manual testing efforts for security researchers, developers, and pentesters.
Microsoft Security Copilot is a revolutionary AI-powered security solution that empowers cybersecurity professionals to identify and address potential breaches effectively. By harnessing advanced technologies like OpenAI's GPT-4 and Microsoft's extensive threat intelligence, Security Copilot streamlines threat detection and response, enabling defenders to operate at machine speed and scale.