Connecting to wpa2 enterprise network through a p12 certificate

Question

I have a wpa2 enterprise network working with a radius server.
I have a client.p12 certificate with which i have successfully connected my windows pc to the network.
I need to connect an embedded device to the same which requires the text of the certificates pasted into three files cacert.h , client-key.h and client-cert.h.
How to decompose the client.p12 file into the files mentioned above.
I have already obtained the client-key.h and the client-cert.h files using openssl.
How to obtain the cacert.h file ?
Do i need anything more to connect to the network besides this ? Contents of the file client-key.h

    static unsigned char client_key[] = { "\
    -----BEGIN PRIVATE KEY-----\n\
    MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBANsp73rNO2njvl9J\n\
    TYuP6bBOfyVNO3wzkBblw+wtnCuqq1Np5/ZD5i6emhNNXNGIOnODrmZR1udCbMyn\n\        
    puLdkvei6LLHxbKOheHwCgij0QqZ1mB9PHbGEPW3+Pmxuquhy/LVegGNweGRCTe6\n\
    yCte7x+DUO9p5YFabGIPCcD6lL4nAgMBAAECgYBAgTo8AZXAF8jbUL7jGctlGeVw\n\
    PCgK6T46jwu4QsBZVdUxKtWb9OYVyJZ+oeF0xky13QcClInU7QcKwTlsQlzTvE0s\n\
    Nh30lrgh3vbHx2TtXHRzuRXq5Tfw1FBoOKjRLriGs+knUkaNj28MpfGulJG+t8Rt\n\
    o5UI+S7IAlHvkQRiKQJBAPu8M8VHEtP1TZbGItHoy4MZ46//JeUnvKZWoNW4um3y\n\
    Y9cft0sWF4WVXxxu7MaF1qQVwfd7rUKp69VtWwV5J0UCQQDe4HfnzYP37I7/ti9K\n\
    VuxfsaRfAjQafH/lrL6/COKtEK8ea1deBqMQywBGWiPZbPGhK5Pnui6Tv4a1EOm7\n\
    4WB7AkBQcM1iRtnfXU2T1nCd/vO5SvaU8MVdOptv09LFOKhqJcB9p6bcmYyepSKl\n\
    ZVTIA1CZUlKPELhGyyGPK8igMRy5AkEAn6VqPkCYJx7rz39QoI9jAajddLC/YbmM\n\
    Y5g5id1zgURSLBf3nQJkC8NdjwdCZpwC+M+eQn66nlqyw0A6LLpjwQJBAI/aZbb7\n\
    EMa/64dIjKWS8FIDECBWmyxt2Fh6vJI1uoWU2Fbt9Z2r6Z4JxhWe56kcHnasuDql\n\
    ae+oK/9MXLpdc0c=\n\
    -----END PRIVATE KEY-----\n\
    " };

    unsigned int client_key_size = sizeof(client_key);

Contents of the file client-cert.h

    static unsigned char client_cert[] = { "\
    -----BEGIN CERTIFICATE-----\n\
    MIIECDCCA3GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCVVMx\n\
    EzARBgNVBAgTCkNhbGlmb3JuaWExFDASBgNVBAcTC1NhbnRhIENsYXJhMRAwDgYD\n\
    VQQKEwdNYXJ2ZWxsMQswCQYDVQQLEwJCVTETMBEGA1UEAxMKTWFydmVsbCBDQTEQ\n\
    MA4GA1UEKRMHRWFzeVJTQTEeMBwGCSqGSIb3DQEJARYPYWJjQG1hcnZlbGwuY29t\n\
    MB4XDTEzMDkxMDExMTgzNVoXDTIzMDkwODExMTgzNVowgZsxCzAJBgNVBAYTAlVT\n\
    MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRQwEgYDVQQHEwtTYW50YSBDbGFyYTEQMA4G\n\
    A1UEChMHTWFydmVsbDELMAkGA1UECxMCQlUxEDAOBgNVBAMTB2NsaWVudDExEDAO\n\
    BgNVBCkTB0Vhc3lSU0ExHjAcBgkqhkiG9w0BCQEWD2FiY0BtYXJ2ZWxsLmNvbTCB\n\
    nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2ynves07aeO+X0lNi4/psE5/JU07\n\
    fDOQFuXD7C2cK6qrU2nn9kPmLp6aE01c0Yg6c4OuZlHW50JszKem4t2S96LossfF\n\
    so6F4fAKCKPRCpnWYH08dsYQ9bf4+bG6q6HL8tV6AY3B4ZEJN7rIK17vH4NQ72nl\n\
    gVpsYg8JwPqUvicCAwEAAaOCAVUwggFRMAkGA1UdEwQCMAAwLQYJYIZIAYb4QgEN\n\
    BCAWHkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUBt/C\n\
    cmVQ/aUU0dOMWkXArG03IZQwgdMGA1UdIwSByzCByIAUtqXThrziw2LZKlnp8Ff/\n\
    QHPtRcmhgaSkgaEwgZ4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh\n\
    MRQwEgYDVQQHEwtTYW50YSBDbGFyYTEQMA4GA1UEChMHTWFydmVsbDELMAkGA1UE\n\
    CxMCQlUxEzARBgNVBAMTCk1hcnZlbGwgQ0ExEDAOBgNVBCkTB0Vhc3lSU0ExHjAc\n\
    BgkqhkiG9w0BCQEWD2FiY0BtYXJ2ZWxsLmNvbYIJAOt7HbxXB0MCMBMGA1UdJQQM\n\
    MAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDANBgkqhkiG9w0BAQsFAAOBgQAvwYD4\n\
    r7Ie0ZWRuzkI+zzG3WiLYt8pYHYAG0wDPNYt1aqT7QUyZSludQfWuq9JGimBciqq\n\
    IM6rtpkqWiNJ8S/n5FK8dj+OGA2t/sgGREgUaXOtUDDu4fgJi+ejUbykaI+yiHyr\n\
    Ayi0mm2qbJxojMdbtl1KNosyA8T8wJwMMXqSsg==\n\
    -----END CERTIFICATE-----\n\
    " };

    unsigned int client_cert_size = sizeof(client_cert);

Contents of file cacert.h

    static unsigned char ca_cert[] = { "\
    -----BEGIN CERTIFICATE-----\n\
    MIIDxTCCAy6gAwIBAgIJAOt7HbxXB0MCMA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD\n\
    VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEUMBIGA1UEBxMLU2FudGEgQ2xh\n\
    cmExEDAOBgNVBAoTB01hcnZlbGwxCzAJBgNVBAsTAkJVMRMwEQYDVQQDEwpNYXJ2\n\
    ZWxsIENBMRAwDgYDVQQpEwdFYXN5UlNBMR4wHAYJKoZIhvcNAQkBFg9hYmNAbWFy\n\
    dmVsbC5jb20wHhcNMTMwOTEwMTExODIxWhcNMjMwOTA4MTExODIxWjCBnjELMAkG\n\
    A1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFDASBgNVBAcTC1NhbnRhIENs\n\
    YXJhMRAwDgYDVQQKEwdNYXJ2ZWxsMQswCQYDVQQLEwJCVTETMBEGA1UEAxMKTWFy\n\
    dmVsbCBDQTEQMA4GA1UEKRMHRWFzeVJTQTEeMBwGCSqGSIb3DQEJARYPYWJjQG1h\n\
    cnZlbGwuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCuY7iZthDy4lM/\n\
    0Mr6HZF6C3qNIKxlR1rXMxvDlq3D1ynjGAaPZo5QmAMx1wD5BDvyWUEbite9Z/lH\n\
    B3/Xr1weS89lh/IRoFty4ads1131haFgK99XrchyRW4nWgYwoZ5UaeMF2/9czsr+\n\
    hPb3QgUkJY6jpcWp126iFb172DY12wIDAQABo4IBBzCCAQMwHQYDVR0OBBYEFLal\n\
    04a84sNi2SpZ6fBX/0Bz7UXJMIHTBgNVHSMEgcswgciAFLal04a84sNi2SpZ6fBX\n\
    /0Bz7UXJoYGkpIGhMIGeMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p\n\
    YTEUMBIGA1UEBxMLU2FudGEgQ2xhcmExEDAOBgNVBAoTB01hcnZlbGwxCzAJBgNV\n\
    BAsTAkJVMRMwEQYDVQQDEwpNYXJ2ZWxsIENBMRAwDgYDVQQpEwdFYXN5UlNBMR4w\n\
    HAYJKoZIhvcNAQkBFg9hYmNAbWFydmVsbC5jb22CCQDrex28VwdDAjAMBgNVHRME\n\
    BTADAQH/MA0GCSqGSIb3DQEBCwUAA4GBAKyjrP0qFCWDn67khOQ0z97E+tgMVvdM\n\
    9uWU4kmMXG0BtYL/83E8hlS1zegc1dK96WYUnSe4O3ZJ1KhBfGyONdhB/0tZDySr\n\
    429x0lc8/RavorNv6HwehdsP3SWo4D1TUTF/smOOhlDaRWbSnySeB8RC3V46m45I\n\
    XCK42k05eeQ0\n\
    -----END CERTIFICATE-----\n\
    " };

    unsigned int ca_cert_size = sizeof(ca_cert);

Answer 1

The .h files contain a "modified" PEM format of the certs/keys. I say "modified" because they are adding "\\n\\" at the end of every line.

To get the PEM files from your p12 file, you'll need to use this openssl command:

openssl pkcs12 -in client.p12 -nodes -out client.pem

It will prompt you to "Enter Import Password". This is the password protecting the client.p12 file.

The output client.pem file should contain the private key, client certificate, and CA certificate all in PEM format. You can copy the different pieces from the file and paste them at the appropriate spots in the .h files. You'll then need to go back and add the "\\n\\" at the end of the lines like you have in the example files in your question.

The only tricky part will be not mixing up the CA cert with the client cert. You can look at the "subject" and "issuer" fields to figure that out.