openssl req -in [file.csr] -noout -text
openssl x509 -in [certificate.crt] -text -noout
openssl pkcs12 -info -in [cert.pfx]
openssl pkcs12 -info -in [STAR_example_org.pfx] -passin file:[password.txt]
openssl pkcs12 -in [yourfile.pfx] -nocerts -out [keyfile-encrypted.key]
openssl rsa -in [keyfile-encrypted.key] -out [keyfile-decrypted.key]
openssl pkcs12 -in [yourfile.pfx] -clcerts -nokeys -out [certificate.crt]
openssl x509 -req -days 730 -in [www_example_org.csr] -signkey [www_example_org.key] -out [www_example_org.crt]
openssl pkcs12 -export -out [domain.name.pfx] -inkey [domain.name.key] -in [domain.name.crt]
Also adding the cert-chain:
openssl pkcs12 -export -out [domain.name.pfx] -inkey [domain.name.key] -in [intermediate/root.crt] -in [domain.name.crt]
https://stackoverflow.com/questions/991758/how-to-get-pem-file-from-key-and-crt-files
openssl rsa -in [file1.key] -out [file2.key]
- [1] https://www.sslshopper.com/article-most-common-openssl-commands.html
- [2] https://www.markbrilman.nl/2011/08/howto-convert-a-pfx-to-a-seperate-key-crt-file/
- [3] https://stackoverflow.com/questions/6307886/how-to-create-pfx-file-from-certificate-and-private-key
- [4] https://knowledge.digicert.com/solution/SO5292.html