Last active
April 26, 2021 21:05
-
-
Save Wind010/5bf66f449a7afefdf52b0c57ca211621 to your computer and use it in GitHub Desktop.
Wrapper around openssl to extract RSA private key
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Requires openssl (https://www.openssl.org/). | |
| ### Usage: | |
| ### .\extract_rsa_privatekey.ps1 .\YOUR_CERTIFICATE.pfx (ConvertTo-SecureString "YOUR_STRONG_PASSWORD" -AsPlainText -Force) | |
| param( | |
| [Parameter(Mandatory=$true)][string] $certificatePfxPath, | |
| [SecureString] $password, | |
| [string] $pathToOpenSsl = '.' | |
| ) | |
| try | |
| { | |
| # Export the private key | |
| & "$pathToOpenSsl\openssl.exe" pkcs12 -in $certificatePfxPath -nocerts -out key.pem -nodes -password pass:$(ConvertFrom-SecureString $password -AsPlainText) | |
| # Export the certificate | |
| & "$pathToOpenSsl\openssl.exe" pkcs12 -in $certificatePfxPath -nokeys -out cert.pem -password pass:$(ConvertFrom-SecureString $password -AsPlainText) | |
| # RSA key without password in plaintext | |
| & "$pathToOpenSsl\openssl.exe" rsa -in key.pem -out rsa_private.key | |
| } | |
| finally | |
| { | |
| Remove-Item key.pem -Force -Confirm:$false | Out-Null | |
| Remove-Item cert.pem -Force -Confirm:$false | Out-Null | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment