OpenSSL CLI Reference
Convert a DER to PEM
openssl x509 -inform der -in myder_certificate.cer -out mypem_certificate.cer
Convert a PFX to PEM
openssl pkcs12 -in mypfx.pfx -out mypem.pem -nodes
Convert a PFX to PEM without keys
openssl pkcs12 -in mypfx.pfx -out mypem.pem -nodes -nokeys
Convert a PFX to PEM keys only
openssl pkcs12 -in mypfx.pfx -out mypem.pem -nodes -nocerts
Confirm a private key against a certificate. Both should output the same value.
openssl rsa -noout -modulus -in mycertificate.key | openssl md5
openssl x509 -noout -modulus -in mycertificate.cer | openssl md5
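The modulus comparison above applies to RSA keys only, and if both commands fail the two digests of empty output still agree. As an added example (not part of the original reference), this script compares the public key derived from the private key with the one in the certificate, so it also covers EC keys, and reports an unreadable file as an error rather than a match. The function names are hypothetical and both files are assumed to be PEM.

```shell
#!/bin/sh
# Added example (hypothetical function names): check that a private key and a
# certificate carry the same public key, for RSA and EC keys alike.

# Print the SHA-256 of the PEM public key derived from a private key file.
pubkey_fp_from_key() (
    pem=$(openssl pkey -in "$1" -pubout) || exit 1
    printf '%s\n' "$pem" | openssl dgst -sha256 -r | cut -d' ' -f1
)

# Print the SHA-256 of the PEM public key embedded in a certificate file.
pubkey_fp_from_cert() (
    pem=$(openssl x509 -in "$1" -noout -pubkey) || exit 1
    printf '%s\n' "$pem" | openssl dgst -sha256 -r | cut -d' ' -f1
)

# Return 0 on match, 1 on mismatch, 2 if either file cannot be parsed.
key_matches_cert() {
    key_fp=$(pubkey_fp_from_key "$1") || { echo "cannot read key: $1" >&2; return 2; }
    cert_fp=$(pubkey_fp_from_cert "$2") || { echo "cannot read certificate: $2" >&2; return 2; }
    [ "$key_fp" = "$cert_fp" ]
}

# Usage: sh check_pair.sh mycertificate.key mycertificate.cer
if [ "$#" -eq 2 ]; then
    if key_matches_cert "$1" "$2"; then echo "match"; else echo "no match"; exit 1; fi
fi
```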
Create a new certificate request
openssl req -new -nodes -newkey rsa:2048 -sha256 -keyout my_key.key -out my_csr.csr -subj /C=AU/ST=NSW/L=Sydney/O=Neurohr/CN=jasonneurohr.com
Inspect a CSR
openssl req -in mycsr.csr -noout -text
Create a self-signed certificate
openssl req -newkey 2048 -nodes -keyout mykey.pem -x509 -sha256 -days 365 -out mycert.pem
Convert a P7B to PEM on a Windows Computer (Non-openssl)
Double-click the .p7b file, which will open it in a new MMC window.
Right-click the certificate you wish to convert to PEM format and select All Tasks > Export.
Click Next.
Check Base-64 encoded X.509 (.CER). Click Next.
Enter a destination file name and click Next.
Click Finish to complete the export. You now have the certificate in PEM format.