https://slproweb.com/download/Win64OpenSSL-3_1_2.msi
Open a command prompt window in c:\Program Files\OpenSSL\Bin
(or even better, add Openssl to your Path)
Then type:
For the key file:
openssl pkcs12 -in [yourfile.pfx] -nocerts -out [keyfile-encrypted.key]
Example:
openssl pkcs12 -in c:\temp\mycertificate.pfx -nocerts -out c:\temp\keyfile-mycertificate.key
You will be asked for the pfx password (import password), and then asked to enter a password for the .key file (PEM pass phrase)
For the certificate:
openssl pkcs12 -in [yourfile.pfx] -clcerts -nokeys -out [certificate.crt]
Example:
openssl pkcs12 -in c:\temp\mycertificate.pfx -clcerts -nokeys -out c:\temp\certificate-mycertificate.crt
You will only be asked for the pfx password (import password) since the private key will not be exported.
Convert x509 to PEM
Convert PEM to DER
Convert DER to PEM
Convert PEM to P7B
Note: The PKCS#7 or P7B format is stored in Base64 ASCII format and has a file extension of .p7b or .p7c.
A P7B file only contains certificates and chain certificates (Intermediate CAs), not the private key. The most common platforms that support P7B files are Microsoft Windows and Java Tomcat.
Convert PKCS7 to PEM
Convert pfx to PEM
Note: The PKCS#12 or PFX format is a binary format for storing the server certificate, intermediate certificates, and the private key in one encryptable file. PFX files usually have extensions such as .pfx and .p12. PFX files are typically used on Windows machines to import and export certificates and private keys.
Convert PFX to PKCS#8
Note: This requires 2 commands
STEP 1: Convert PFX to PEM
STEP 2: Convert PEM to PKCS8
Convert P7B to PFX
Note: This requires 2 commands
STEP 1: Convert P7B to CER
STEP 2: Convert CER and Private Key to PFX
openssl pkcs12 -export -out domain.name.pfx -inkey domain.name.key -in domain.name.crt
Or with intermediate and root:
openssl pkcs12 -export -out domain.name.pfx -inkey domain.name.key -in domain.name.crt -in intermediate.crt -in rootca.crt