Extracting the domain certificate:
$ openssl pkcs12 -in certificate.pfx -clcerts -nokeys -out example.com.crt
Extracting the private key:
$ openssl pkcs12 -in certificate.pfx -nocerts -nodes -out example.com.key
Extracting the chain:
# openssl pkcs12 -in certificate.pfx -out example.com-ca.crt -nodes -nokeys -cacerts
--
NOTE: This post is a re-hash of an excellent article at: How to Convert and Use PKCS#12/PFX Certificate on Apache (linoxide.com)
This is part of my personal 'cheat sheet'.
