[solved] How to convert the certificate pfx file to the pem format with private keys using the open ssl tool

This quick article will walk you thru on the certificate conversion on how to convert the certificate pfx file to the pem format with private keys using the open ssl tool.  pfx version of the certificate should contain the private key. openssl tool can be downloaded  for windows or Linux using the link below


Download and extract openssl.zip to your computer . The executable file openssl.exe is located within the ‘bin’ sub folder. Copy the .PFX certificate  file to this location and run the following commands below using appropriate variables to create private and public key .PEM files. this file will then contain the private key. PFX file must include the private key

screen shot  of the openssl install path – you must go the bin folder to start using the openssl.exe application like below

Openssl is the execution file that you will need to run and the command layout is listed below, the first line will convert the certificate.pfx file from “pfx to pem” and will retrieve the private key from the certificate and the second line will do the same but while retrieveing the public key instead of private key

  1. openssl pkcs12 -in certificate.pfx -nocerts -out private.pem -nodes
  2. openssl pkcs12 -in certificate.pfx -nokeys -out public.pem -nodes

The -nodes removes the password from the newly created pem file. If you want to keep the password then omit the -node from the command line and you can open the file with notepad and copy the content if needed to be pasted

Here is the result for a successful conversion and the message that is displayed  “MAC verified OK”

link to more information with multiple scenarios



Related Articles

Leave a Reply

Your email address will not be published.

Back to top button