Convert PFX to PEM with Key INCLUDING INTERMEDIATE certificates
Since you want everything, you just need to reduce the number of restrictions you are asking for.
so:
openssl pkcs12 -in ./GoDaddy.pfx -out ./GoDaddy.pem
If you read the documentation you will see what you are asking for:
-nocerts
No certificates at all will be output.
-clcerts
Only output client certificates (not CA certificates).
-nokeys
No private keys will be output.
-nodes
Don't encrypt the private keys at all.
Eitan
Updated on June 12, 2022Comments
-
Eitan almost 2 years
I have a PFX that I want to convert to a CRT and Key or PEM and Key to install on an NGINX endpoint. When I import the pfx to my cert store on my windows machine it creates the certificate, the intermediate chain, and the root CA.
If I take that PFX and run the following openssl commands I and bind it to the endpoint, I don't get all the certificates in the chain:
openssl pkcs12 -in ./GoDaddy.pfx -clcerts -nokeys -out pcc.crt -nodes -nokeys openssl pkcs12 -in ./GoDaddy.pfx -nocerts -nodes -out pcc.rsa -nodes -nokeys
Is there a switch or command I can run to convert the PFX to a crt / rsa or pem /key with all of the certificates up the chain to the root CA?