How to extract private key- encrypted or decrypted from PFX certificate file ?

Today in this post, we will see how to extract the private key from PFX certificate file.

We will first extract the encrypted key and then we will extract the decrypted key from it also.

1. Extract Encrypted key

[root@ngelinux01 Downloads]# cd web_certificate/

[root@ngelinux01 web_certificate]# ls
web_certificate.pfx

[root@ngelinux01 web_certificate]# openssl pkcs12 -in ./web_certificate.pfx -nocerts -out web-encrypted.key
Enter Import Password:
MAC verified OK
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
[root@ngelinux01 web_certificate]#

 

2. Extracting the decrypted key.

 
[root@ngelinux01 web_certificate]# ls -ltr
total 12
-rwxrwxrwx 1 root root 6945 Sep 18 17:04 web_certificate.pfx
-rwxrwxrwx 1 root root 2088 Sep 18 21:47 web-encrypted.key

[root@ngelinux01 web_certificate]# file web-encrypted.key
web-encrypted.key: ASCII text  

[root@ngelinux01 web_certificate]# cat web-encrypted.key
Bag Attributes
    Microsoft Local Key set: 
    localKeyID: 01 00 00 00
    friendlyName: tq-a625282d-ed03-4287-bcc9-73c4b71f0ca1
    Microsoft CSP Name: Microsoft RSA SChannel Cryptographic Provider
Key Attributes
    X509v3 Key Usage: 10
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQI9x1u/sYpqF4CAggA


[root@ngelinux01 web_certificate]# openssl rsa -in ./web-encrypted.key -out web-decrypted.key
Enter pass phrase for ./web-encrypted.key:
writing RSA key
[root@ngelinux01 web_certificate]# ls -ltr
total 16
-rwxrwxrwx 1 root root 6945 Sep 18 17:04 web_certificate.pfx
-rwxrwxrwx 1 root root 2088 Sep 18 21:47 web-encrypted.key
-rwxrwxrwx 1 root root 1679 Sep 18 21:50 web-decrypted.key

0 0 votes
Article Rating
Subscribe
Notify of
guest

0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments