Certificate game

This is some basics what one can do with Windows 7 certificates (assuming that it has been extracted with the private key):

Extract certificate with the private keys from the Windows machine. It will generate a PFX file.
Use a tool called crackpkcs12 to get the password:

Crack password:

crackpkcs12 -d /usr/share/wordlists/mil-dic.txt mycert.pfx

Convert PFX to PEM

openssl pkcs12 -in mycert.pfx -out mycert.cer -nodes</p>

Show details of PEM:

openssl x509 -in mycert.cer -inform pem -noout -text</p>

Export private key from the PFX file:

openssl pkcs12 -in mycert.pfx -nocerts -out mykey.pem -nodes</p>

Export certificate:

openssl pkcs12 -in mycert.pfx -nokeys -out mycert.pem</p>

Remove passphrase from private key:

openssl rsa -in mykey.pem -out my.key</p>

Other stuff

Converting Certificates between different Formats


Convert PEM to DER

openssl x509 -outform der -in certificate.pem -out certificate.der

Convert PEM to P7B

openssl crl2pkcs7 -nocrl -certfile certificate.cer -out certificate.p7b -certfile CAcert.cer

Convert PEM to PFX

openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CAcert.crt


Convert DER to PEM

openssl x509 -inform der -in certificate.cer -out certificate.pem


Convert P7B to PEM

openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer

Convert P7B to PFX

openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer
openssl pkcs12 -export -in certificate.cer -inkey privateKey.key -out certificate.pfx -certfile CAcert.cer


Convert PFX to PEM

openssl pkcs12 -in certificate.pfx -out certificate.cer -nodes