0

Given a .pfx file is a there a way i can programmatically get .crt and .key file from it?

I even explored generating X509Certificate2 from .pfx file and then tried getting .crt and .key but failed to do so

Currently my application contains - ca.crt - my_client_cert.pfx - my_client_cert.crt - my_client_cert.key

Note : the pfx file is generated using 

openssl pkcs12 -export -out my_client_cert.pfx -inkey my_client_cert.key -in my_client_cert.crt

It seems redundant to have same files twice, so was looking for removing redundancy

Krishna Prasad S
  • 141
  • 2
  • 17
  • Are the .crt and .key PEM format? There's some notes about writing PEM [in this old answer](https://stackoverflow.com/a/48079164/243245) which says it wasn't possible with built-in code back then but support is being added to .NET Core 3. – Rup Feb 26 '20 at 05:36
  • Or it might be easier to do this with command-line tools e.g. openssl if it's something you can script rather than need to build into an existing program. – Rup Feb 26 '20 at 05:38
  • OK, so you now just want to know how to split a .pfx into a .cer and .key using OpenSSL so you can be sure you can get them back if you ever need them again? And this isn't something you need to do in C# using the X509Certificate2 classes? – Rup Feb 26 '20 at 11:01
  • I've just tried a round trip crt+key -> pfx -> crt+key using openssl and I didn't get back exactly the same .key file ('BEGIN RSA PRIVATE KEY' instead of 'BEGIN PRIVATE KEY'). But I'd guess they're equivalent, and maybe I made a wrong choice along the way. – Rup Feb 26 '20 at 11:13

0 Answers0