RMG or Experts,
How do i extract a privatekey in .der format from a .p12 file…i was able to extract …I was able to extract CA certificate and user certificates successfully…I am being prompted for a pem pass phrase while extracting a private key…finally i get a privatekey.der…but an invalid private key…plz help me to extract private key correctly …I followed the below steps in extracting …
"You can use a PKCS #12 certificate but before using it you need to extract the private key, certificate and trusted root from it into a DER encoded X509 format. You can use openssl for this purpose. Here are the list of steps -
- Extract private key from pkcs12 file -
$ openssl.exe pkcs12 -in c:/p12.cert -out c:/privKey.txt -nocerts
Enter the password when prompted for. This extracts the private key in PEM format.
- Extract the user certificate from pkcs12 file -
$ openssl.exe pkcs12 -in c:/p12.cert -out c:/cert.txt -nokeys -clcerts
This extracts the user certificate in PEM format.
- Extract the CA certificate(s) from the pkcs12 file -
$ openssl.exe pkcs12 -in c:/p12.cert -out c:/cacert.txt -nokeys -cacerts
This extracts the CA certificate(s) in PEM format. If you open the file, there may be more than one certificate in the file. Copy each of them into a separate file named appropriately
-
Convert all the files created (except the privKey.txt file) into DER format -
$ openssl.exe x509 -in c:/cert.txt -outform DER -out c:/cert.der
$ openssl.exe x509 -in c:/ServerRootCA.txt -outform DER -out c:/ServerRootCA.der
$ openssl.exe x509 -in c:/ServerSub-CA.txt -outform DER -out c:/ServerSub-CA.der -
Convert the privKey.txt file into DER format -
$ openssl.exe rsa -inform PEM -outform DER -in c:/privKey.txt -out privKey.der"
Thanks