Difference between revisions of "OS4X Core - handle PFX/PKCS"
| Line 19: | Line 19: | ||
The following command will extract the private key to the output file "<code>key.pem</code>" without encryption: | The following command will extract the private key to the output file "<code>key.pem</code>" without encryption: | ||
openssl pkcs12 -in test.pfx -nocerts -out key.pem -nodes | openssl pkcs12 -in test.pfx -nocerts -out key.pem -nodes | ||
| + | |||
| + | [[Category:Certificate]] | ||
Latest revision as of 07:33, 28 March 2017
What is PFX, what is PKCS#12
The file format PKCS#12 (also known as "PFX") is an archive format for certificate and private key transport. You can handle this file format manually in order to import certificate and private key information to OS4X.
PFX files can be secured by a password, so when prompted for a password please provide this in the commands below.
Example assumptions
We assume in the examples below that you have a PKCS#12 file with the following name:
test.pfx
Extract public certificate & private key into one file (most common use-case)
The resulting file "cert_key.pem" will contain the public certificate and private key in one file, which then can be used to import into OS4X seamlessly:
openssl pkcs12 -in test.pfx -out cert_key.pem -nodes
Extract public certificate
This command will output the public certificate to the output file "cert.pem":
openssl pkcs12 -in test.pfx -nokeys -out cert.pem
Extract private key
The following command will extract the private key to the output file "key.pem" without encryption:
openssl pkcs12 -in test.pfx -nocerts -out key.pem -nodes