1. Home
  2. Windows
  3. How to Convert PFX file to PEM using OpenSSL in Windows?

How to Convert PFX file to PEM using OpenSSL in Windows?

Do you want to convert PFX file to PEM using OpenSSL in Windows? Well, this tutorial will explain how to do the same. Sometimes, you might want to convert your .p12 certificate file into .pem file (Personal Information Exchange), so that it can be used in grid computing environments or even in a Netscaler gateway. This tutorial will explain how to convert PFX file to PEM using Win32 OpenSSL utility on Windows operating system. If you want to do the same on Linux operating system, then here’s a guide for that.

How to convert PFX file to PEM using OpenSSL in Windows?

Step 1: Download and install Win32 OpenSSL package.

Note:

In some versions of Windows, you might have to install Visual  C++ redistributable files

Step 2: Now create a folder to store converted certificate files. Say, D:\certificate

Step 3: Copy .p12 certificate file into the folder created in step 2.

Step 4: Launch command prompt via Run > cmd

Step 5: Switch to the directory created in step 2.

cd D:\Certificates

Step 6: Create certificate file using the below OpenSSL command and enter the Import Password set while exporting the certificate from the browser.

openssl pkcs12 -in test.p12 -out test.crt.pem -clcerts -nokeys

Sample screenshot:

Convert PFX into PEM

Step 7: Create certificate private key using the below OpenSSL command and enter the Import Password set while exporting the certificate from the browser.

openssl pkcs12 -in test.p12 -out test.key.pem -nocerts -nodes

Sample screenshot:

Convert PFX into PEM

Now, your certificate file is test.crt.pem and private key is test.key.pem.

You can also convert .p12 into .pem that contains both the certificate & private key. To do that, run the below command and enter Import Password set while exporting the certificate from the browser. You will be asked to set new PEM pass phrase to protect the converted file.

D:\Certificate>openssl pkcs12 -in test.p12 -out test.pem
Enter Import Password:
MAC verified OK
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
Note:

It’s important to remember the PEM pass phrase, as you will need it later.

That’s it! Now you can use the PEM certificate formats in grid computing environment. For example, you may want to generate Grid proxy using the PEM certificate files. To do that, you need to run the grid-proxy-init command as shown below.

$ grid-proxy-init -cert test.crt.pem -key test.key.pem
Updated on January 4, 2018

Was this article helpful?

Related Articles

Leave a Comment