![]() Now remove the passphrase: $ openssl rsa -in private.key -out "NewKeyFile.key" -passin pass:TemporaryPassword Pass:PASSWORD -passin pass:PASSWORD -passout pass:TemporaryPassword Now, the private key: $ openssl pkcs12 -nocerts -in "YourPKCSFile" -out private.key -password \ Second, the CA (issuer) certificate: $ openssl pkcs12 -cacerts -nokeys -in "YourPKCSFile" -out ca-cert.ca \ password pass:PASSWORD -passin pass:PASSWORD Unfortunately none of the answers posted thus far are correct, as they just supply a blank password as opposed to no password, which means that you will still get prompted for a password in the first place.įor the sake of keeping everything together in one place, I'll copy post with some slight ammendments įirst, extract the certificate: $ openssl pkcs12 -clcerts -nokeys -in "YourPKCSFile" -out certificate.crt \ Now you have a new PKCS12 key file without passphrase on the private key part. ![]() in PEM.pem -out "NewPKCSWithoutPassphraseFile" Put things together for the new PKCS-File: $ cat "NewKeyFile.key" \Īnd create the new file: $ openssl pkcs12 -export -nodes -CAfile ca-cert.ca \ Now remove the passphrase: $ openssl rsa -legacy -in private.key -out "NewKeyFile.key" \ out private.key -password pass:PASSWORD -passin pass:PASSWORD \ Now, the private key: $ openssl pkcs12 -nocerts -legacy -in "YourPKCSFile" \ out ca-cert.ca -password pass:PASSWORD -passin pass:PASSWORD Second, the CA key: $ openssl pkcs12 -cacerts -nokeys -legacy -in "YourPKCSFile" \ out certificate.crt -password pass:PASSWORD -passin pass:PASSWORD NewPKCSWithoutPassphraseFile is the target file for the PKCS12 without passphraseįirst, extract the certificate: $ openssl pkcs12 -clcerts -nokeys -legacy -in "YourPKCSFile" \.YourPKCSFile is the file you want to convert.It can be achieved by various openssl calls.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |