Name

pkcs12

Synopsis

The pkcs12 command is used to create, examine, and manipulate PKCS#12-formatted files.

Options

-in filename

Specify the name of a file from which a PKCS#12 structure in PEM format will be read. If this option is omitted, stdin will be used.

-out filename

Specify the name of a file that will be used to write a PKCS#12 structure in PEM format. If this option is omitted, stdout will be used.

-password password, -passin password

Specify the password or passphrase that is required to decrypt the input PKCS#12 structure. This option follows the guidelines for passwords and passphrases outlined in Chapter 2.

-passout password

Specify the password or passphrase that will be used to encrypt the output PKCS#12 structure. This option follows the guidelines for passwords and passphrases outlined in Chapter 2.

-des, -des3, -idea

Specify the cipher that will be used to encrypt the output PKCS#12 structure. If this option is omitted, the default is to use 3DES.

-nodes

Cause the output PKCS#12 structure to be unencrypted.

-noout

Cause the output of a PKCS#12 structure to be suppressed. This option is useful when extracting the various structures that are contained by a PKCS#12 structure.

-clcerts

Cause only the client certificates contained in the input PKCS#12 structure to be output.

-cacerts

Cause only the CA certificates contained in the input PKCS#12 structure to be output.

-nocerts

Suppress the output of any certificates, whether they are client or CA certificates. ...

Get Network Security with OpenSSL now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial