Converting .PFX to .PEM programmatically?

4
votes

I need to programmatically extract certificates and their private keys from a MS certificate store, and get them to the .PEM format somehow. I don't want to use OpenSSL at the command line, as I would like to keep everything in memory, avoiding files.

I can export them from Windows to a PFX-format blob using PFXExportCertStoreEx(). I tested that by writing it to a file and converting it to .PEM with OpenSSL. The resulting .PEM file works fine. So the remaining problem is to get them to the .PEM format in memory.

We've integrated a different SSL library that wants .PEM. (It's not OpenSSL...) So I'd like to accomplish this without also including OpenSSL source into our C++ project. Any ideas?

1
certificatepempfx
Can you tell us the SSL library you are working with?jheddings
It's yaSSL, which seems to want .PEM files.GShultz

1 Answers

1
votes

How about statically linking to OpenSSL .lib files?

I have adapted some examples using OpenSSL to do this, you can find c++ code to convert pfx to pem here: https://github.com/michaelmotes/PKCS12toPEM

And this file contains VB.NET Interop code to convert PFX to PEM using OpenSSL:

https://github.com/michaelmotes/libCurlVB.NET-native/blob/master/LibCurlDecl.vb