If you have a PFX Certificate from a Windows environment and want to utilize it for example on an Apache server running on Linux, the certificate and key needs to be extracted and referenced in the Apache configuration file.
Start by extracting the certificate from the PFX. When prompted for a password specify the password for the PFX file.
openssl pkcs12 -in MyCertificate.pfx -clcerts -nokeys -out MyCertificate.crt
Next we need to extract the key. When prompted for a password specify the password for the PFX file, then specify a passphrase to protect the key file.
openssl pkcs12 -in MyCertificate.pfx -nocerts -out MyEncryptedKeyFile.key
Ideally the encrypted key file is recommended, however that will require us to type in the passphrase every time our Apache service starts. To remediate this we can remove the passphrase from the key, though its not really secure.
openssl rsa -in MyEncryptedKeyFile.key -out MyUnencryptedKeyFile.key
Finally reference the certificate and key file in the Apache configuration file. The service should not prompt you to enter the passphrase if the unencrypted key file is used.
SSLCertificateFile /path/to/MyCertificate.crt SSLCertificateKeyFile /path/to/MyUnencryptedKeyFile.key
