In some circumstances you may need to extract the Private key and certificates from a PKCS12 file for use in another program.
- Copy the PFX or P12 file to the same location as your OpenSSL program (or specify the location in the command line).
- Type this command:
openssl pkcs12 -in PKCS12file -out keys_out.txt
- After entering the above command you will receive these prompts:
Enter Import Password: (this is the password that was used when the PKCS12 file was created)
MAC verified OK
Enter PEM pass phrase: (this is the private key password)
Verifying - Enter PEM pass phrase: (confirm the private key password)
- The private key, certificate, and any chain files (roots) will be parsed and dumped into the "keys_out.txt" file.
Note: The private key will still be encrypted. If you need the private key unencrypted see solution: SO5292
For more information concerning OpenSSL please visit: www.openssl.org