Novell is now a part of Micro Focus

My Favorites


Please to see your favorites.

How to convert a SSL PFX file to a PEM file

This document (7004039) is provided subject to the disclaimer at the end of this document.


Novell GroupWise 8
Novell Open Enterprise Server 2 (OES 2) Linux


A certificate server such as Microsoft Certificate Server may only export certificates in a pfx format. If Apache on Linux needs the certificate they need to be converted to pem format.


OpenSSL can be used to export the private key and the cert file from the pfx file.
OpenSSL can be downloaded and installed on Windows or Linux, and is most likely installed on a OES2 Linux server.
On a Linux server with OpenSSL, copy the filename.pfx file to any folder you choose. Open a terminal and perform the following.
To export the private key without a passphrase or password.
Type: openssl pkcs12 -in filename.pfx -nocerts -nodes -out key.pem
To Generate a public version of the private RSAkey
Type: openssl rsa -in key.pem -out server.key
To export the Certificate
Type: openssl pkcs12 -in filename.pfx -clcerts -nokeys -out cert.pem
The directory will now have a file cert.pem and a key.pem.


This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7004039
  • Creation Date:30-JUL-09
  • Modified Date:27-APR-12
    • NovellGroupWise

Did this document solve your problem? Provide Feedback