http://stackoverflow.com/a/16847082I remembered vaguely being able to do this with openssl on .pem files, so that's the direction I headed.In Keychain Access, export the private key as eg private.p12. Apply a password, or not.Convert it to .pem: openssl pkcs12 -in private.p12 -out private.pem. Enter password from previous step. You're forced to apply a password to the .pem.Extract the public por..
