PFX (p12) Certificate Conversion

What is a PFX Certificate

PKCS #12 is one of the family of standards called Public-Key Cryptography Standards (PKCS), published by RSA Laboratories. It defines a file format commonly used to store X.509 private keys with accompanying public key certificates, protected with a password-based symmetric key PFX Certificate?

In practice .pfx is just another file extension for a PKCS#12 or .p12 type certificate.

Convert PFX to PEM

This command will convert a pfx certificate to a X509 pem encoded certificate. The use of the -nodes flag will give the option to password protect the private key in the new pem encoded certificate. For information on converting pem to der encoded certificates.

Export ALL: Public Certificates, Private Keys, and CA Chain as single certificate

Encrypt private key with a password

Do not encrypt private key

Export Public Certificate from pfx

Export Private Key from pfx

Export Certificate Authority (CA) Chain from pfx

Convert PFX to JKS ( Java Keystore )


One thought on “PFX (p12) Certificate Conversion

  1. Sonny says:

    Thanks for putting this together, you saved me hours of work. I need to script extraction of private keys from 1000s of files, this helps greatly and doing it manually would have been a deal breaker.

Leave a Reply

Your email address will not be published.