This for my future reference, ie when I have to deal with apache based certs ( vs IIS )
Download and install windows port of OpenSSLĀ here
** you will need to know your password if you password protect your cert **
Command to enter. 1st part ( extract the .key )
openssl
pkcs12 -in [yourfile.pfx] -nocerts -out [keyfile-encrypted.key]
eg
openssl pkcs12 -in d:\temp\star.name_of_cert_godaddy.pfx -nocerts -out d:\temp\star.name_of_cert_godaddy.key
** eg I have installed the openssl app in C, I have placed my temp cert in D:\temp
2nd part ( extract the .crt )
openssl
pkcs12 -in [yourfile.pfx] -clcerts -nokeys -out [certificate.crt]
eg
openssl pkcs12 -in d:\temp\star.name_of_cert_godaddy.pfx -clcerts -nokeys -out d:\temp\star.name_of_cert_godaddy.crt
Sometimes you need unencrypted key files
openssl
rsa -in [keyfile-encrypted.key] -out [keyfile-decrypted.key]
eg
openssl rsa -in d:\temp\star.name_of_cert_godaddy.key -out d:\temp\star.name_of_cert_godaddy.nopass.key
If you need it in PEM format
openssl
rsa -in [keyfile-encrypted.key] -outform PEM -out [keyfile-encrypted-pem.key]
openssl rsa -in d:\temp\star.name_of_cert_godaddy.nopass.key -outform PEM -out d:\temp\star.name_of_cert_godaddy.nopass.pem.key
note self – no more searching internet, see your own notes.