Today I had to create a new certificate at customer site because of a Shitrix attack and had to extract the private key from the PFX file.
It´s quite easy running the following command:
openssl pkcs12 -in path:/myfile.pfx -nocerts -out path:/private-key.pem -nodes
Enter Import Password: password
With this command you extract the private key AND the certificate which you can use for creating the KYR file needed for your Domino environment. You can find your private key and the certificate in the file “path:/private-key.pem” and can copy the text between and encluding —BEGIN PRIVATE KEY— and —END CERTIFICATE—.