Home > Others

Openssl PKCS12 Command

Source: Internet
Author: User
Tags pkcs12
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

First, Introduction

PKCS12 command to generate and analyze PKCS12 files

Second, the grammar

OpenSSL pkcs12 [-export] [-chain] [-inkey filename] [-certfile filename] [-capath arg] [-cafile arg] [-name name] [-caname name] [- in filename] [-out filename] [-noout] [-nomacver] [-nocerts] [-clcerts] [-cacerts] [-nokeys] [-Info] [-noiter] [-maciter] [-nomaciter] [-nomac] [-twopass] [-Descert] [-certpbe ALG] [-keypbe ALG] [-macalg Digest] [-keyex] [-keysig] [-password Arg] [-passin Arg] [-passout arg] [file(s)] [-LMK] [-CSP name] [-engine E] [-des] [-des3] [-aes128] [-aes192] [-aes256] [-Idea] [-camellia128] [-camellia192] [-camellia256] [-nodes]

Options

-export Output PKCS12file-chain Add certificate chain-inkeyfilePrivate keyifNot infile-certfile F Add all certsinchF-capath ARG-PEM Format Directory of CAs's-cafile ARG-PEM Formatfileof CA's-name"name"Use name as friendly name-caname"nm"Use NM as CA friendly name (can be used Morethan once).-inchinfile input filename-Out outfile output filename-noout Don't output anything, just verify.-nomacver Don't verify MAC.-nocerts Don't output certificates.-clcerts only output client certificates.-cacerts only output CA certificates.-nokeys Don't output private keys.-InfoGiveInfoAbout pkcs# Astructure.-des encrypt private keys with des-Des3 encrypt private keys with triple DES (default)-Idea encrypt private keys with idea-seed encrypt private keys with seed-aes128,-aes192,-aes256 encrypt PEM output with CBC AES-camellia128,-camellia192,-camellia256 encrypt PEM output with CBC Camellia-nodes Don't encrypt private keys-noiter Don't use encryption Iteration-nomaciter Don't use MAC iteration-maciter Use MAC iteration-nomac Don't generate MAC-twopass separate MAC, encryption passwords-descert Encrypt pkcs# ACertificates with triple DES (default rc2- +)-CERTPBE ALG Specify certificate PBE algorithm (default rc2- +)-keypbe alg Specify private key PBE algorithm (default 3DES)-macalg ALG Digest algorithm usedinchMAC (default SHA1)-Keyex Set MS key exchange type-Keysig set MS key signature type-password P Set import/Export Password Source-passin p InputfilePass phrase source-passout p OutputfilePass phrase source-engine e Use engine E, possibly a hardware device.-randfile:file:. .. load thefile(or the FilesinchThe directory) into the random number generator-CSP name Microsoft CSP name-LMK ADD Local Machine keyset attribute to private key

Third, examples

1. PKCS and PEM format for mutual transfer

1) Pem to PKCS12 file (contains CA certificate, CA certificate not included)

OpenSSL pkcs12-export-inkey Serverprikey.pem- in Server.pem-cafile Democa/cacert.pem-password pass:"
    123456" -out server.pfx
OpenSSL pkcs12-export-inkey serverprikey.pem-in Server.pem-password pass: "123456"-out server_nocret.pfx

2) PKCS12 converted to PEM file

OpenSSL pkcs12- in Server_nocret.pfx-out Server_nocret.pem-nodes-password pass:"123456 "

2. View PKCS12 Information

OpenSSL pkcs12- in Server.pfx-password Pass:"123456" -info -nocerts– Nokeys

Reference: http://blog.csdn.net/as3luyuan123/article/details/16105475

Openssl PKCS12 Commands

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
openssl pkcs12 to pem openssl generate pkcs12 openssl pkcs12 export openssl verify pkcs12 openssl pkcs12 export private key openssl command line options openssl sha1 command

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More