Is it possible to convert a .pfx (Personal Information Exchange) file to a .cer (Security Certificate) file? Unless I'm mistaken, isn't a .cer somehow embedded inside a .pfx? I'd like some way to extract it, if possible.
+4
A:
the simple way I believe is to import it then export it, using the certificate manager in Windows Management Console.
Andrew Cox
2008-12-31 15:22:54
That worked, thanks!! I was in the middle of doing it programmatically, but couldn't write the file correctly.
Pwninstein
2008-12-31 15:51:41
i tried doing this but when i select export private key , i am getting .cer (DER encoded) option disabled .and midletsigner utility need provatekey anyhow..
org.life.java
2010-04-28 04:38:35
You have to check the box when you import it, that says "mark this key as exportable"
Andrew Cox
2010-04-28 08:35:38
+14
A:
PFX files are PKCS#12 Personal Information Exchange Syntax Standard files. They can include arbitrary number of private keys with accompanying X.509 certificates (public keys) and a Certificate Authority Chain.
If you want to extract client certificates (not the CA certificates), you can use OpenSSL's PKCS12 tool.
openssl pkcs12 -in xxxx.pfx -out mycertificates.crt -nokeys -clcerts
The command above will output the certificate(s) in PEM format. The ".crt" extension known to both Mac OS X and Windows operating systems and will be usable. You mention ".cer" extension your question which is the DER format equivalent. Same certificate but different encoding. Try the ".crt" file first and if it doesn't help, it's easy to convert from PEM to DER format.
openssl x509 -inform pem -in mycertificates.crt -outform der -out mycertificates.cer
...Hope this helps.
Berk D. Demir
2009-01-01 22:09:55
A:
Hello.
But .der only has public key? Is it possible a .der with public and private key?
Thank you very much.