У меня есть файл pem с именем «mail.domain.com.pem», который содержит закрытый ключ и все сертификаты. При открытии в текстовом редакторе это выглядит так:
Bag Attributes
Microsoft Local Key set: <No Values>
localKeyID: 01 00 00 00
friendlyName: {8FF9C892-00E6-4F1J-ACBC-DE2B2ADD434E}
Microsoft CSP Name: Microsoft Enhanced Cryptographic Provider v1.0
Key Attributes
X509v3 Key Usage: 10
-----BEGIN PRIVATE KEY-----
MIIEpgIBAAKCAQEA35Wz7Sz34c+CA60SL1qf4/JIperMqX8Iq4uF12oUHZ2cvhJl
uQcsqck6kG94IBhmIuvcK/FMLWb5qV938t/qUm9mutR0V7HBr3eRM6C7w3IS1tGO
65a3eXLi2ThuKRW8KvV26SbDV63AMt6gBNK8N5dBgeUTtkUadIcc55PzGTFDMc4N
1h1ulKFQ5xaR5k3P5HhQ1Yz4Xk2RUTysett1Y/zLYUDmdtMxPJ3wET4Y9FiZcht3
891MhppDioZxiUlyfZjS/cPSCM04S/3f7py/ggFrFheerxLajd8MfCjxCA9PPeyF
5HAIAeJxN3LtQW0kH2/+xsrwkut++mR/YY31AQIDAQABAoIBAQDTPP73UAsKfyDZ
FEUgFEEH/bqBd2rRoMGyQWm8ce57ZJPYSE1vGMYry4DXQVl/CU5GJAyqP5m3M5kh
Wp9bCg66v6GRVnRs/fZ+LzsySePb7gS6jNa44naJ+e81R0lc67oR5EPqV8MrLW9v
IEKTC/7jjrZHYQTUqkkqWxUF/hQpcUs/1SIYaSgOJo2JCvPMsb7Etb4E+1BVRVms
+XByfAwFbnnGoijK44tsxwcpckni2HuelMEHRGjwmXPumA11NaMsaAFIh+wlly8J
/4671M7n+KOP8EB9RwCyXfUQ63jIkyM7kAtpRuEI4c1T4godeT2kzhMfaQG0Zjyc
6cWiLYqhAoGBAPayqPUGbn3CPtJpJWpSBmPnuTtkKe3oCtCOBOSOqSnx2T4ul6Aq
E+lPJ1sTMbMPXk6whyoXlxUWCfpg//B0aQ/miDUb/APNmTh8/tkZo7MISZw7sNU6
sdoVffMN45pKQt9N+Vhh41AVVX31meJjC0hjgqK0HrBJ6C3nb6/voyddAoGBAOgD
72o0dfUEXkt1FXoSfZpAHsDKSAmCM9cN8LP4SKCPkw/zdiZV9RxhtxjU1GlQKLIb
I6pZYNmj53ru4bgn+S6pHHvpIondfCsiHR1TfY5xw928JWCbCeE3TK9+MdmbPiUk
K/DAjKjGtUs3RCBDObMPBgbBabB3BZx9qGtGRt31AoGBAKTf0ruviLjT0VienTrp
hwvOGqXu03cE1fV8dRirn7NAx4gfa4bHmHcdR5g+w8CATO8aW7tt+LNG/3Quz97M
bksKL44PHecMyZJPN6Ow1w8YQtn/qrdXevXd10dRyQOdDgRgAH1pLpqfJ3v/YNFE
kI3Ys7450yjOvDWxr5tN9SShAoGBAOG6WmbYrV55JoiBXCjM7phxA7qL0vQ1UdxL
+sANshNMPEcLlgqMHJHFW87z2ciwLTfDAbsNhBWaym4nFUIG2f8UltrTIkBBVTnd
0bejcAdzFZ2YHEFV9ZHBLIGc5EETMa4O+BUeMHtQADgyh7xfyzYzSqit6fa+hZ4P
/xiHYhE1AoGBAITZQ5yESEUZ+O2ifdbZzMrR7vA27nKt035tlm78ihtb11LhPsZZ
wX+mJhY7YSesjC4Z4yBFvBC3ssMLeE+pLPaGAoVu5EOG6qqFz54L+1QaMyS2gLtq
/fgBMSc9tzaYTAag7xGGFcSsOnF6FT1DCK2YdizuWx/c8LrtMVPyZdcN
-----END PRIVATE KEY-----
Bag Attributes
localKeyID: 01 00 00 00
friendlyName: mail.domain.com [Certify] - 4/25/2020 6:58:31 PM to 7/24/2020 6:58:31 PM
subject=/CN=mail.domain.com
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
-----BEGIN CERTIFICATE-----
MIIDBzCCAe+gAwIBAgIJAKsl+yvGKS3lMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
BAMMD21haWwuZG9tYWluLmNvbTAeFw0yMDA1MDIwNDEyNDFaFw0zMDA0MzAwNDEy
NDFaMBoxGDAWBgNVBAMMD21haWwuZG9tYWluLmNvbTCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBAN+Vs+0s9+HPggOtEi9an+PySKXqzKl/CKuLhddqFB2d
nL4SZbkHLKnJOpBveCAYZiLr3CvxTC1m+alfd/Lf6lJvZrrUdFexwa93kTOgu8Ny
EtbRjuuWt3ly4tk4bikVvCr1dukmw1etwDLeoATSvDeXQYHlE7ZFGnSHHOeT8xkx
QzHODdYdbpShUOcWkeZNz+R4UNWM+F5NkVE8rHrbdWP8y2FA5nbTMTyd8BE+GPRY
mXIbd/PdTIaaQ4qGcYlJcn2Y0v3D0gjNOEv93+6cv4IBaxYXnq8S2o3fDHwo8QgP
Tz3sheRwCAHicTdy7UFtJB9v/sbK8JLrfvpkf2GN9QECAwEAAaNQME4wHQYDVR0O
BBYEFGFez0WCjtthf/CptvU3OKVKqyTlMB8GA1UdIwQYMBaAFGFez0WCjtthf/Cp
tvU3OKVKqyTlMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAMdPfZxu
PslMbMP5qpmbJ8AAV4TGNSWJF93TKe8YCaJJ0UR+vSviQ8j4iRkmMLSTxnHMJAtm
BMezvJwubA1+7cQ8VtnAeGeccVDxXKx6hS9Mrzij0mWenRZpAcCBiuVh05bvGVQW
h2isNMuCSY0vfMkCSZJHya0hHO5kf4mgQYvraN8vQuuYHdf+3H6bpJHdu2zD+RzW
/vTV3budZCu9UzxtYP0ptxYHNFO8jQj9uNerJMA1ULlPI0igfyfefaqCUsTV2o1M
DWoulv5VAisWPK3Ntqa6WLV37drZjQ41pok/U6EVPoYS0wK0kGUPx0b+VqkVJ07k
ZPYauKOOql++qOg=
-----END CERTIFICATE-----
Bag Attributes
friendlyName: DST Root CA X3
subject=/O=Digital Signature Trust Co./CN=DST Root CA X3
issuer=/O=Digital Signature Trust Co./CN=DST Root CA X3
-----BEGIN CERTIFICATE-----
MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow
PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD
Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O
rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq
OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b
xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw
7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD
aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG
SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69
ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr
AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz
R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5
JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo
Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ
-----END CERTIFICATE-----
Bag Attributes: <Empty Attributes>
subject=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
issuer=/O=Digital Signature Trust Co./CN=DST Root CA X3
-----BEGIN CERTIFICATE-----
MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
DkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow
SjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT
GkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF
q6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8
SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0
Z8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA
a6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj
/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T
AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG
CCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv
bTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k
c3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw
VAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC
ARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz
MDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu
Y3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF
AAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo
uM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/
wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu
X4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG
PfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6
KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==
-----END CERTIFICATE-----
Мне нужно программно сделать следующее:
Извлечь ключ publi c в новый файл с именем "mail.domain.com.key", начиная с ----- BEGIN PRIVATE KEY ----- вплоть до ----- END PRIVATE KEY -----. Обратите внимание, что этот новый файл не должен быть зашифрован, его можно открыть любым текстовым редактором.
Извлечь ВСЕ сертификаты в новый файл с именем «mail.domain.com.crt» без дополнительных слов до и после ----- НАЧАТЬ СЕРТИФИКАТ ----- и ----- КОНЕЦ СЕРТИФИКАТА -----. Обратите внимание, что всего должно быть 3 сертификата.
Я могу сделать это с помощью простого текстового редактора, но мне нужно сделать это программно, используя OpenSSL или любую другую командную строку на основе windows.
Спасибо вы.