A client emailed me a new TLS certificate for their server as a p7m file. Normally I’d get this from the CA as a PEM encoded x509 certificate.
Fortunately openssl can easily convert this
openssl pkcs7 -inform DER -in certificate.p7m -print_certs -out certificate.pem
I used a text editor to separate the SSL certificate from the intermediate certificates, since I have Apache configured to expect these in separate file.