Extract public/private key from PKCS12 file for later use in SSH-PK-Authentication

lazydaemon picture lazydaemon · Feb 29, 2012 · Viewed 417.1k times · Source

I want to extract the public and private key from my PKCS#12 file for later use in SSH-Public-Key-Authentication.

Right now, I'm generating keys via ssh-keygen which I put into .ssh/authorized_key, respective somewhere on the client-side.

In future, I want to use the keys from a PKCS#12 container, so I've to extract the public-key first from PKCS#12 and then put them into the .ssh/authorized_keys file. Is there any chance to get this working via openssl? Are the keys in PKCS#12 compatible for ssh-public-key authentication?

Answer

Nilesh picture Nilesh · Mar 1, 2012

You can use following commands to extract public/private key from a PKCS#12 container:

  • PKCS#1 Private key

    openssl pkcs12 -in yourP12File.pfx -nocerts -out privateKey.pem
    
  • Certificates:

    openssl pkcs12 -in yourP12File.pfx -clcerts -nokeys -out publicCert.pem