OS4X Core - handle PFX/PKCS

From OS4X
Jump to navigation Jump to search

What is PFX, what is PKCS#12

The file format PKCS#12 (also known as "PFX") is an archive format for certificate and private key transport. You can handle this file format manually in order to import certificate and private key information to OS4X.

PFX files can be secured by a password, so when prompted for a password please provide this in the commands below.

Example assumptions

We assume in the examples below that you have a PKCS#12 file with the following name:

test.pfx

Extract public certificate & private key into one file (most common use-case)

The resulting file "cert_key.pem" will contain the public certificate and private key in one file, which then can be used to import into OS4X seamlessly:

openssl pkcs12 -in test.pfx -out cert_key.pem -nodes

Extract public certificate

This command will output the public certificate to the output file "cert.pem":

openssl pkcs12 -in test.pfx -nokeys -out cert.pem

Extract private key

The following command will extract the private key to the output file "key.pem" without encryption:

openssl pkcs12 -in test.pfx -nocerts -out key.pem -nodes