A follow-up to https://blog.connley.net/2022/12/12/extractpfx-part-1/
TL;DR – I added a Python script to extract certs and keys from PFX files.
For much of the early part of my career, I was mainly a “Windows guy.” (Although interestingly enough, at my very first job in technology we ran most services on PowerPCs and MacOS 7/8. Perhaps that’s a story for another day.) But especially over the last 10 years or so, both because of the nature of my roles and because I want to be flexible, I’ve gradually built up a reasonable amount of experience with Linux. Today I split most of my personal computing time between my primary Windows 10 workstation, my MacBook, and an Ubuntu VM that kind of acts as my utility server/jump host. One of these days maybe I’ll post a full breakdown of my home lab and personal tech inventory.
Anyway, while I primarily use the Ubuntu VM to interact with my Kubernetes cluster, I do also have kubectl on my Windows workstation and occasionally use it. So because of that, and because I haven’t written much Python lately, I figured I’d take what I did with the Bash script from my previous post and do the same in Python.
As you’d imagine, the Python cryptography libraries are a little more elegant than using openssl commands. I included all the user interaction/input validation stuff you’d expect for running it directly from the command line, but of course the extractPfx method can be easily pulled out for use inside other scripts or in automation. I do most of my home lab stuff in VSCode so there’s also a launch config in there for easier debugging.
Feedback, suggestions, and PRs welcome!
https://github.com/mconnley/ExtractPFX