Hi Michael,
openssl pkcs12 -in "inCert.p12" -out "out.pem" -passin pass: -nodes
is sufficient to convert all credentials in the PKCS#12 file to a single
PEM file with the key being stored unencrypted.
Since OpenSSL 3.0, the outdated -nodes option has been deprecated; so
there better use -noenc.
I used the following config input for openssl 3.0.3 based on my
previous successes with 1.1.1m (and earlier versions) and Ivan
Ristic's latest configuration:
config \
--prefix=/opt/openssl-3.0.3 \
--openssldir=/opt/openssl-3.0.3 \
no-shared