When moving certificates from Windows servers to Linux you may need to export the private key and certificate from a pfx file. This is how it’s done:
1. Export the private key
openssl pkcs12 -in cert.pfx -nocerts -out cert.key.wpass
Replace cert.pfx with the certificate exported from Windows. The private key will be exported to cert.key.wpass including a password that you need to selecting in this step
2. Remove the password from the private key (optional but may be required when the key is used with Apache or other background services)
openssl rsa -in cert.key.wpass -out cert.key
Here you need to type the password selected in step 1
3. Export the certificate
openssl pkcs12 -in cert.pfx -clcerts -nokeys -out cert.cer
Now you have the certificate and key in cert.key and cert.cer which can be used with any service