Do you want to convert PFX file to PEM using OpenSSL in Windows? Well, this tutorial will explain how to do the same. Sometimes, you might want to convert your .p12 certificate file into .pem file (Personal Information Exchange), so that it can be used in grid computing environments or even in a Netscaler gateway. This tutorial will explain how to convert PFX file to PEM using Win32 OpenSSL utility on Windows operating system. If you want to do the same on Linux operating system, then here’s a guide for that.
How to convert PFX file to PEM using OpenSSL in Windows?
Step 1: Download and install Win32 OpenSSL package.
In some versions of Windows, you might have to install Visual C++ redistributable files.
Step 2: Now create a folder to store converted certificate files. Say, D:\certificate
Step 3: Copy .p12 certificate file into the folder created in step 2.
Step 4: Launch command prompt via Run > cmd
Step 5: Switch to the directory created in step 2.
cd D:\Certificates
Step 6: Create certificate file using the below OpenSSL command and enter the Import Password set while exporting the certificate from the browser.
openssl pkcs12 -in test.p12 -out test.crt.pem -clcerts -nokeysSample screenshot:
Step 7: Create certificate private key using the below OpenSSL command and enter the Import Password set while exporting the certificate from the browser.
openssl pkcs12 -in test.p12 -out test.key.pem -nocerts -nodes
Sample screenshot:
Now, your certificate file is test.crt.pem and private key is test.key.pem.
You can also convert .p12 into .pem that contains both the certificate & private key. To do that, run the below command and enter Import Password set while exporting the certificate from the browser. You will be asked to set new PEM pass phrase to protect the converted file.
D:\Certificate>openssl pkcs12 -in test.p12 -out test.pem Enter Import Password: MAC verified OK Enter PEM pass phrase: Verifying - Enter PEM pass phrase:
It’s important to remember the PEM pass phrase, as you will need it later.
That’s it! Now you can use the PEM certificate formats in grid computing environment. For example, you may want to generate Grid proxy using the PEM certificate files. To do that, you need to run the grid-proxy-init command as shown below.
$ grid-proxy-init -cert test.crt.pem -key test.key.pem
