Convert a PFX format TLS certificate file into a PEM text

Before we start, you will need to download and install OpenSSL for your operating system. OpenSSL do not provide binaries, but you can easily get them from your Linux package manager (e.g. apt-get or yum) or you can download Windows x64 binaries from:

• https://slproweb.com/products/Win32OpenSSL.html, or
• https://wiki.openssl.org/index.php/Binaries for other sources.

1. Save the pfx file into a folder and open a command prompt in that folder.
2. Run the following command (You will be prompted for the password for the pfx file):

  openssl pkcs12 -in mycertificate.pfx -out temp.pem -nodes

1. Open temp.pem in your favourite text editor extract the following parts: a) All the lines starting at “—–BEGIN PRIVATE KEY—–” and ending with “—–END PRIVATE KEY—–” are the encryption key; b) All the lines starting at the first “—–BEGIN CERTIFICATE—–” and ending with the first “—–END CERTIFICATE—–” are the certificate; c) The rest of the file contains the intermediate certificate chain (remove any lines not contained within a certificate block).