How to extract private key- encrypted or decrypted from PFX certificate file ?
Today in this post, we will see how to extract the private key from PFX certificate file.
We will first extract the encrypted key and then we will extract the decrypted key from it also.
1. Extract Encrypted key
[root@ngelinux01 Downloads]# cd web_certificate/ [root@ngelinux01 web_certificate]# ls web_certificate.pfx [root@ngelinux01 web_certificate]# openssl pkcs12 -in ./web_certificate.pfx -nocerts -out web-encrypted.key Enter Import Password: MAC verified OK Enter PEM pass phrase: Verifying - Enter PEM pass phrase: [root@ngelinux01 web_certificate]#
2. Extracting the decrypted key.
[root@ngelinux01 web_certificate]# ls -ltr total 12 -rwxrwxrwx 1 root root 6945 Sep 18 17:04 web_certificate.pfx -rwxrwxrwx 1 root root 2088 Sep 18 21:47 web-encrypted.key [root@ngelinux01 web_certificate]# file web-encrypted.key web-encrypted.key: ASCII text [root@ngelinux01 web_certificate]# cat web-encrypted.key Bag Attributes Microsoft Local Key set: localKeyID: 01 00 00 00 friendlyName: tq-a625282d-ed03-4287-bcc9-73c4b71f0ca1 Microsoft CSP Name: Microsoft RSA SChannel Cryptographic Provider Key Attributes X509v3 Key Usage: 10 -----BEGIN ENCRYPTED PRIVATE KEY----- MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQI9x1u/sYpqF4CAggA [root@ngelinux01 web_certificate]# openssl rsa -in ./web-encrypted.key -out web-decrypted.key Enter pass phrase for ./web-encrypted.key: writing RSA key [root@ngelinux01 web_certificate]# ls -ltr total 16 -rwxrwxrwx 1 root root 6945 Sep 18 17:04 web_certificate.pfx -rwxrwxrwx 1 root root 2088 Sep 18 21:47 web-encrypted.key -rwxrwxrwx 1 root root 1679 Sep 18 21:50 web-decrypted.key