1. Home
  2. Knowledge Base
  3. SSL Certificate Guides
  4. SSL Certificate Management
  5. How to split a .pfx file into .pem and .key files using OpenSSL for Windows 10 or Linux

How to Split a .pfx File into .pem and .key Files Using OpenSSL for Windows 10 or Linux

Use the instructions in this guide to use OpenSSL to split a .pfx file into .pem and .key files.


  • A .pfx file
  • OpenSSL for Windows 10 or Linux

Note: OpenSSL will use the current path in the command prompt – remember to navigate the command prompt to the correct path before running OpenSSL.

Remember to change the details of the commands to fit your filenames and setup.

  1. The following command will generate a private key file without a password from your .pfx file (requires password):

pkcs12 -in certificate.pfx -out privateKey.key -nocerts -nodes

  1. The following command will generate a .pem certificate file from your .pfx file which will include any intermediate and root certificates that may be included in the .pfx file. (requires password):

pkcs12 -in certificate.pfx -out certificate.pem -nokeys -clcerts

The .key and .pem files will be available at the path used in the command prompt.


Go for the TRUSTZONE

TRUSTOZONE was founded in 2004 and has since come a long way being the
leading SSL/TLS certificate provider in Scandinavia. We also lead the way in
supplying the scalable PKI and IoT solutions for encryption, authentication,
and automated certificate lifecycle management.

The solutions we offer meet the requirements of various types of companies
and organizations. What your business is certain to gain is a complete palette
of compatibility-optimized, fully scalable certificate products and solutions.

Certificate Lifetime gets shortened as new challenges emerge and that is where
our SL360 platform can assist with SSL monitoring and SSL certificates renewal.

Our options fit all company sizes — from singlehandedly run operations and
startups needing one or two SSL/TLS certificates to market’s giants looking for
full-scale, enterprise-grade solutions.

According to recent numbers, digital certificates are harvested and hacked
every ten minutes or less on average. That is the only reason you need to decide
to monitor your SSL certificates.

Over 16 years of experience with PKI, SSL/TLS, and certificate management in
our line of work truly stands for something. More than 3,000 companies and more
than 80% of the Danish banking sector is protected by TRUSTZONE certificates.


Follow us on LinkedIn to get the latest updates, news and insights.

Was this article helpful?