Treg's blog

April 20th, 2007

OpenVPN pkcs12 key conversion

Posted by Treg in HOWTO Ubuntu, Howto's, Linux, Tech

Since the latest network-manager-openvpn doens’t support pkcs12 certs, I needed to convert the pkcs12 key into other keys. This is how I managed to do it.

Extract CA cert, client cert and private key to a single PEM file
> openssl pkcs12 -in client.p12 -out client.pem

Extract client cert to client.cer (no private key or CA cert)
> openssl pkcs12 -in client.p12 -out client.crt -clcerts -nokeys

Extract client private key to client.key (no certs)
> openssl pkcs12 -in client.p12 -out client.key -nocerts

One Response to ' OpenVPN pkcs12 key conversion '

Subscribe to comments with RSS

  1. IPCOP with OpenVPN and Fiesty’s Network Manager at It all flows together said,

    on May 10th, 2007 at 22:18

    […] with Fiesty’s network-manager-openpvn package you first have to follow this guy’s great blog post about splitting the .p12 file up. (the .p12 file is found inside the client package zip […]

Sorry, the comment form is closed at this time.