Extracting private key from an installed certificate

#1

Is it possible to extract a private key from an installed certificate into a .pem or .bin format?

If yes, could someone guide me?

Thanks

0 Likes

#2

Hi,

The next major release of the app will include .pem output by default to make this easier (probably a while away currently though). You can use openssl from the command line though:

Given a file original.pfx:

To export the private key as .pem
openssl pkcs12 -in original.pfx -passin pass: -out private.key -nocerts -nodes

To export the domain certificate (and intermediate certs in the chain):
openssl pkcs12 -in original.pfx -out certificates.pem -nokeys -passin pass:

You can use the scripting option of certify (Show Advanced Options> Scripting) to automate this when renewals happen if required https://docs.certifytheweb.com/docs/script-hooks.html

0 Likes

#3

Note you will also find the .pfx file for your current cert under C:\ProgramData\Certify\certes\assets\pfx and in the next version this will be moved to a more organised folder structure.

0 Likes