Difference between revisions of "OS4X Core - handle PFX/PKCS"

From OS4X
Jump to navigation Jump to search
 
(One intermediate revision by the same user not shown)
Line 7: Line 7:
 
We assume in the examples below that you have a PKCS#12 file with the following name:
 
We assume in the examples below that you have a PKCS#12 file with the following name:
 
  test.pfx
 
  test.pfx
 +
 +
= Extract public certificate & private key into one file (most common use-case) =
 +
The resulting file "<code>cert_key.pem</code>" will contain the public certificate and private key in one file, which then can be used to import into OS4X seamlessly:
 +
openssl pkcs12 -in test.pfx -out cert_key.pem -nodes
  
 
= Extract public certificate =
 
= Extract public certificate =
Line 15: Line 19:
 
The following command will extract the private key to the output file "<code>key.pem</code>" without encryption:
 
The following command will extract the private key to the output file "<code>key.pem</code>" without encryption:
 
  openssl pkcs12 -in test.pfx -nocerts -out key.pem -nodes
 
  openssl pkcs12 -in test.pfx -nocerts -out key.pem -nodes
 +
 +
[[Category:Certificate]]

Latest revision as of 07:33, 28 March 2017

What is PFX, what is PKCS#12

The file format PKCS#12 (also known as "PFX") is an archive format for certificate and private key transport. You can handle this file format manually in order to import certificate and private key information to OS4X.

PFX files can be secured by a password, so when prompted for a password please provide this in the commands below.

Example assumptions

We assume in the examples below that you have a PKCS#12 file with the following name:

test.pfx

Extract public certificate & private key into one file (most common use-case)

The resulting file "cert_key.pem" will contain the public certificate and private key in one file, which then can be used to import into OS4X seamlessly:

openssl pkcs12 -in test.pfx -out cert_key.pem -nodes

Extract public certificate

This command will output the public certificate to the output file "cert.pem":

openssl pkcs12 -in test.pfx -nokeys -out cert.pem

Extract private key

The following command will extract the private key to the output file "key.pem" without encryption:

openssl pkcs12 -in test.pfx -nocerts -out key.pem -nodes