A .PFX (Personal Information Exchange) File is used to store Certificate and its private and public keys. For example, if we need to transfer SSL certificate from one windows server to other, You can simply export it as .pfx file using IIS SSL export wizard or MMC console.
Sometimes we need to extract private key and certificate from .pfx file, but we can’t directly do it. This article can be helpful for you to do the same. This article will also helpful for you to migrate SSL certificate to AWS ELB because ELB required private key and certificate separately.
In order to use below commands you must have OpenSSL installed on your Windows or Linux system
Extract Private Key
The following command will extract private key from .pfx file. You can find the private key in file named private_key.pem.
openssl pkcs12 -in myfile.pfx -nocerts-out private_key.pem-nodes Enter Import Password: MAC verified OK
The following command will extract certificate from .pfx file. You can find the certificate in file named certificate_file.crt.
openssl pkcs12 -in myfile.pfx-nokeys -out certificate_file.crtEnter Import Password: MAC verified OK