March 17, 2022
BSH SSL
- client does not want to generate a new cert, sent a PFX file instead. Here's the steps.
To convert to pem file with the private key and cert separate:
openssl pkcs12 -in blahblah.pfx -nokeys -out bundle.pem
this will prompt you for the password to open the pfx file then output a pem file that only contains the public key (cert), not the private.
openssl pkcs12 -in foodservice-2023.pfx -nocerts -out private.pem
this will prompt you for the password to open the pfx file then output a pem file that only contains the private key, not the public.
NOTE: I added a temporary password here, this seems to be necessary in order to export properly, but we remove that encryption on the next step.
Lastly, you may need to remove the RSA encryption from the private key to make it readable by some *nix services.
openssl rsa -in private.pem -out private.key
You will need the separate key file from the previous step to do this. You cannot go directly from the pfx file.
You should note that you first have to split the pfx into the pem and key file, then you can remove the password from the key
Team Meeting
TMZ LP
- start css