Extract certificate chain from .pfx

ssl-certificate windows-server-2008 openssl amazon-ec2

I have a .pfx file that I exported from Windows Server 2008. It includes the private key and certificate chain.

Using openssl I've been able to extract the private key and public certificate but I also need the full certificate authority chain. How can this part be extracted?

The purpose is to move the certificate to AWS EC2 Load Balancer. Only way I've been able to do this so far is exporting the chain certificates using Chrome.


With the pkcs12 context in openssl you can specify what components you want from the pfx file. If you don't want the signed certificate but just issuer certificates, try this:

openssl pkcs12 -in mycerts.pfx -cacerts -out myissuercerts.cer

Related

Is it good idea to set SSLStrictSNIVHostCheck on at the server level?
How do I debug this Nginx to uWSGI timeout?
Using razor2 with spamassassin
Dovecot (with Postfix) configuration has connection refused when accessing auth-userdb
Set up trust between Azure AD and local AD
Trouble with Google Apps Custom Domain SSL
How does this 2048bit SSL requirement affect existing internal PKIs?
How to recover data from Apple raid 0 drives from dead xserve?
HP MSL2024 LTO6 2 Drive & HP ProLiant DL180 G6
How to enable hibernation on Windows Server 2012 with Hyper-V role? [duplicate]
Security implications of having less permission restrictions on a group than owner in Unix?
Podman fails to add container to a pod [firewalld, nftables]