Converting PKCS#12 certificate into PEM using OpenSSL

Converting PKCS#12 certificate into PEM using OpenSSL

回答1

Try:

openssl pkcs12 -in path.p12 -out newfile.crt.pem -clcerts -nokeys
openssl pkcs12 -in path.p12 -out newfile.key.pem -nocerts -nodes

After that you have:

  • certificate in newfile.crt.pem
  • private key in newfile.key.pem

To put the certificate and key in the same file without a password, use the following, as an empty password will cause the key to not be exported:

openssl pkcs12 -in path.p12 -out newfile.pem -nodes

Or, if you want to provide a password for the private key, omit -nodes and input a password:

openssl pkcs12 -in path.p12 -out newfile.pem

If you need to input the PKCS#12 password directly from the command line (e.g. a script), just add -passin pass:${PASSWORD}:

openssl pkcs12 -in path.p12 -out newfile.crt.pem -clcerts -nokeys -passin 'pass:P@s5w0rD'
 

如果.p12文件被密码保护的话,就是用如下格式的命令,分别导出crt和key

openssl pkcs12 -in chuck.p12 -out newfile.crt.pem -clcerts -nokeys -password pass:mypassword
openssl pkcs12 -in chuck.p12 -out newfile.key.pem -nocerts -nodes -password pass:mypassword

【推广】 免费学中医,健康全家人
原文地址:https://www.cnblogs.com/chucklu/p/15664541.html