OpenSSL - Certificate and private key cheat sheet

We start with a PKCS12 file called sisifo.pfx, which password is "1234".

A PKCS12 file contains:

• Certificate
• Certificate, information about the owner. If it is a certificate chain, it also contains information about the CAs.
• Public key
• Private key

Extract certificate and private key from a PKCS12 file (check here):

openssl pkcs12 -in sisifo.pfx -nocerts -out sisifo-key.pem -nodes
openssl rsa -in sisifo-key.pem -out sisifo.key

openssl pkcs12 -in sisifo.pfx -nokeys -out sisifo.cer

Merge certificate and private key files in a PKCS12 file (check here):

openssl pkcs12 -export -in sisifo.cer -inkey sisifo.key -name sisifo -out sisifo-2.pfx

If everything went fine, both files should be the same (or very similar ;)).