howtos:convert_pem_format_certificate_to_pkcs12_format_certificate
no way to compare when less than two revisions
Differences
This shows you the differences between two versions of the page.
— | howtos:convert_pem_format_certificate_to_pkcs12_format_certificate [02/12/2018 21:34] (current) – created - external edit 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | Most browsers, including Internet Explorer, require that client certificates (which includes proxy certificates) be in the PKCS12 format rather than the X509 PEM format. Additionally, | ||
+ | |||
+ | > openssl pkcs12 -export -in cert.pem -inkey key.pem -out cred.p12 | ||
+ | Enter Export Password: | ||
+ | Verifying - Enter Export Password: | ||
+ | > | ||
+ | |||
+ | First, an explanation of the command line options: | ||
+ | * -export - generate a PKCS12 formatted file. | ||
+ | * -in cert.pem - read in the X509 PEM formatted certificate from the file cert.pem. | ||
+ | * -inkey key.pem - read in the X509 PEM formatted key from the file key.pem. | ||
+ | * -out cred.p12 - write out the PKCS12 formatted ' | ||
+ | |||
+ | Next, some caveats of the interactive session: | ||
+ | * PEM formatted certificates are fairly flexible. For example, both the certificate and the private key for that certificate can be contained in a single file. This is often the case with proxy certificates, | ||
+ | * If the private key is encrypted, you will be prompted to enter the pass phrase for that key before entering the export password. | ||
+ | * The export password does not have to be the same as the password you used for the PEM formatted private key. Whatever password you choose, you will need to enter that new password when importing the new PKCS12 credential into Windows XP. | ||
+ | |||
howtos/convert_pem_format_certificate_to_pkcs12_format_certificate.txt · Last modified: 02/12/2018 21:34 by 127.0.0.1