How to extract private key from pfx and remove passphrase using OpenSSL

Posted on 22.07.2015 by abatishchev

When I tried to enable SSL for BitTorrent Sync installed on my new NAS Synology 215j it turned out it requires not pfx but private and public keys separately in base64 encoded form.

Here’s the command to extract certificate itself. It will prompt for existing pfx’s passphrase (password):

openssl pkcs12 -in synology.pfx -clcerts -nokeys -out synology.cer

To extract private key. It will prompt for pfx’s passphrase and for a passphrase to add to the key:

openssl pkcs12 -in synology.pfx -nocerts -out synology.private.key

To remove the passphrase:

openssl rsa -in synology.private.key -out synology.key

Now private key doesn’t contain any.

This entry was posted in Infrastructure and tagged ssl. Bookmark the permalink.

1 Response to How to extract private key from pfx and remove passphrase using OpenSSL

Leandro Teixeira says:

16.01.2023 at 11:00

Thank you very much. It worked like a charm.

Reply

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: