Это старая версия документа!
Экстрагируем сертификат:
openssl pkcs12 -in [yourfile.pfx] -clcerts -nokeys -out [certificate.crt]
Получаем RSA ключ с паролем
openssl pkcs12 -in [yourfile.pfx] -nocerts -out [keyfile-encrypted.key]
Получаем RSA ключ без пароля:
openssl rsa -in [keyfile-encrypted.key] -out [keyfile-decrypted.key]
Получаем PEM ключ:
openssl rsa -in [keyfile-encrypted.key] -outform PEM -out [keyfile-encrypted-pem.key]
<code> openssl s_client -connect [ip-or-host]:25 -CAfile CA-cert.pem -starttls smtp | openssl x509 -enddate -noout