This solution describes how to extract the certificate chain from a keystore (p12 or pfx), using different tools (OpenSSL, Keystore Explorer, Windows Cert Manager mmc).
Run this OpenSSL command:
openssl pkcs12 -in INFILE.p12 -out OUTFILE.crt -nokeys
Change the name of the p12-file to match your environment.
After you run the command, enter the keystore password (when prompted for it).
Launch Keystore Explorer
Open an existing KeyStore
Point to your p12/pfx file
Enter the password
Right click the first entry in the list and select Export->Export Certificate Chain
Save to a file
Doubleclick the p12/pfx file in Window
Import to Computer Account->Local Computer
Open mmc.exe
Select File->Add/remove snap-in
Select Certificates
Select Computer account
Select Local Computer
Find the newly imported certificates (under Personal)
Right click and select Export
Do not export the private key
Select format = Base64 encoded (X509)
Last updated 1 year ago
