PKCS 12

From MgmtWiki
Revision as of 22:53, 5 May 2019 by Tom (talk | contribs) (Full Title)

Jump to: navigation, search

Full Title

PKCS #12: Personal Information Exchange Syntax v1.1

https://tools.ietf.org/html/rfc7292

Context

The full PKCS #12 standard is very complex. It enables buckets of complex objects such as PKCS #8 structures, nested deeply. But in practice it is normally used to store just one private key and its associated certificate chain.

Problem

You need .pfx file to install https on website for Microsoft's or many other web servers.

If you have two separate files: certificate (.cer or pem) and private key (.crt) they need to be converted to P12 or PFX format.

Solution

You will need to use openssl. 

 openssl pkcs12 -export -out domain.name.pfx -inkey domain.name.key -in domain.name.crt

The key file is just a text file with your private key in it.

If you have a root CA and intermediate certs, then include them as well using multiple -in params 

 openssl pkcs12 -export -out domain.name.pfx -inkey domain.name.key -in domain.name.crt -in intermediate.crt -in rootca.crt

You can install openssl from here: openssl

References

Retrieved from "http://tcwiki.azurewebsites.net/index.php?title=PKCS_12&oldid=5570"