pkcs12(1ssl)pkcs12(1ssl)NAMEpkcs12 - PKCS#12 file utility
SYNOPSIS
openssl pkcs12 [-export] [-chain] [-inkey filename] [-certfile file‐
name] [-name name] [-canamename] [-infilename] [-outfilename] [-noout]
[-nomacver] [-nocerts] [-clcerts] [-cacerts] [-nokeys] [-info] [-des]
[-des3] [-idea] [-nodes] [-noiter] [-maciter] [-twopass] [-descert]
[-certpbe] [-keypbe] [-keyex] [-keysig] [-password arg] [-passin arg]
[-passout arg] [-rand filename]
OPTIONS
There are many options. The meaning of some depends on whether a
PKCS#12 file is being created or parsed. By default a PKCS#12 file is
parsed. A PKCS#12 file can be created by using the -export option.
PARSING OPTIONS
This specifies filename of the PKCS#12 file to be parsed. Standard
input is used by default. The filename to write certificates and pri‐
vate keys to, standard output by default. They are all written in PEM
format. The PKCS#12 file (i.e. input file) password source. For more
information about the format of arg, see the Pass Phrase Arguments
section in openssl(1ssl). The pass phrase source to encrypt any out‐
puted private keys with. For more information about the format of arg
see the Pass Phrase Arguments section in openssl(1ssl). Inhibits out‐
put of the keys and certificates to the output file version of the
PKCS#12 file. Only output client certificates (not CA certificates).
Only output CA certificates (not client certificates). No certificates
will be output. No private keys will be output. Outputs additional
information about the PKCS#12 file structure, algorithms used and iter‐
ation counts. Uses DES to encrypt private keys before outputting.
Uses triple DES to encrypt private keys before outputting, this is the
default. Uses IDEA to encrypt private keys before outputting. Does
not encrypt the private keys. Does not attempt to verify the integrity
MAC before reading the file. Prompts for separate integrity and
encryption passwords. Most software always assumes these are the same
so this option will render such PKCS#12 files unreadable.
FILE CREATION OPTIONS
Specifies that a PKCS#12 file will be created rather than parsed.
Specifies the filename where the PKCS#12 file is written. Standard out‐
put is used by default. The filename to read certificates and private
keys from, standard input by default. They must all be in PEM format.
The order does not matter, but one private key and its corresponding
certificate should be present. If additional certificates are present
they will also be included in the PKCS#12 file. The file to read pri‐
vate key from. If not present then a private key must be present in the
input file. Specifies the “friendly name” for the certificate and pri‐
vate key. This name is typically displayed in list boxes by software
importing the file. A filename to read additional certificates from.
Specifies the “friendly name” for other certificates. This option may
be used multiple times to specify names for all certificates in the
order they appear. Netscape ignores friendly names on other certifi‐
cates whereas MSIE displays them. The PKCS#12 file (i.e. output file)
password source. For more information about the format of arg, see the
Pass Phase Arguments section in openssl(1ssl). Pass phrase source
used to decrypt any input private keys. For more information about the
format of arg, see the Pass Phrase Arguments section in openssl(1ssl).
If this option is present then an attempt is made to include the entire
certificate chain of the user certificate. The standard CA store is
used for this search. If the search fails it is considered a fatal
error. Encrypts the certificate using triple DES. This may render the
PKCS#12 file unreadable by some export grade software. By default the
private key is encrypted using triple DES and the certificate using 40
bit RC2. Allows the algorithm used to encrypt the private key and cer‐
tificates to be selected. Although any PKCS#5 v1.5 or PKCS#12 algo‐
rithms can be selected, it is advisable only to use PKCS#12 algorithms.
See the list in the Notes section for more information. Specifies that
the private key is to be used for key exchange or just signing. This
option is only interpreted by MSIE and similar MS software. Normally
export grade software will only allow 512 bit RSA keys to be used for
encryption purposes but arbitrary length keys for signing. The -keysig
option marks the key for signing only. Signing only keys can be used
for S/MIME signing, authenticode (ActiveX control signing) and SSL
client authentication, however due to a bug only MSIE 5.0 and later
support the use of signing only keys for SSL client authentication.
These options affect the iteration counts on the MAC and key algo‐
rithms. Unless you wish to produce files compatible with MSIE 4.0 you
should leave these options alone.
To discourage attacks by using large dictionaries of common
passwords the algorithm that derives keys from passwords can
have an iteration count applied to it: this causes a certain
part of the algorithm to be repeated and slows it down. The MAC
is used to check the file integrity but since it will normally
have the same password as the keys and certificates it could
also be attacked. By default both MAC and encryption iteration
counts are set to 2048, using these options the MAC and encryp‐
tion iteration counts can be set to 1, since this reduces the
file security you should not use these options unless you really
have to. Most software supports both MAC and key iteration
counts. MSIE 4.0 doesn't support MAC iteration counts so it
needs the -nomaciter option. This option is included for com‐
patibility with previous versions. It used to be needed to use
MAC iterations counts but they are now used by default. A file
or files containing random data used to seed the random number
generator, or an EGD socket. (See RAND_egd(3).) Multiple files
can be specified separated by an OS-dependent character. The
separator is a semicolon (;) for MS-Windows, a comma (,) for
OpenVMS, and a colon (:) for all others.
DESCRIPTION
The pkcs12 command allows PKCS#12 files (sometimes referred to as PFX
files) to be created and parsed. PKCS#12 files are used by several pro‐
grams including Netscape, MSIE and MS Outlook.
NOTES
Although there are a large number of options most of them are very
rarely used. For PKCS#12 file parsing only the -in and -out options
need to be used for PKCS#12 file creation. The -export and -name are
also used.
If none of the -clcerts, -cacerts or -nocerts options are present then
all certificates will be output in the order they appear in the input
PKCS#12 files. There is no guarantee that the first certificate present
is the one corresponding to the private key. Certain software which
requires a private key and certificate and assumes the first certifi‐
cate in the file is the one corresponding to the private key: this may
not always be the case. Using the -clcerts option will solve this prob‐
lem by only outputing the certificate corresponding to the private key.
If the CA certificates are required then they can be output to a sepa‐
rate file using the -nokeysand -cacerts options.
The -keypbe and -certpbe algorithms allow the precise encryption algo‐
rithms for private keys and certificates to be specified. Normally the
defaults are fine, but occasionally software cannot handle triple DES
encrypted private keys. In that case, the -keypbe PBE-SHA1-RC2-40
option can be used to reduce the private key encryption to 40 bit RC2.
A complete description of all algorithms is contained in the
pkcs8(1ssl)reference page.
RESTRICTIONS
Versions of OpenSSL before 0.9.6a had a bug in the PKCS#12 key genera‐
tion routines. Under rare circumstances this could produce a PKCS#12
file encrypted with an invalid key. As a result some PKCS#12 files
which triggered this bug from other implementations (MSIE or Netscape)
could not be decrypted by OpenSSL and similarly OpenSSL could produce
PKCS#12 files which could not be decrypted by other implementations.
The chances of producing such a file are relatively small -- less than
1 in 256.
A side effect of fixing this bug is that any old invalidly encrypted
PKCS#12 files can no longer be parsed by the fixed version. Under such
circumstances the pkcs12 utility will report that the MAC is OK but
fail with a decryption error when extracting private keys.
This problem can be resolved by extracting the private keys and cer‐
tificates from the PKCS#12 file using an older version of OpenSSL and
recreating the PKCS#12 file from the keys and certificates using a
newer version of OpenSSL. For example: old-openssl -in bad.p12 -out
keycerts.pem
openssl -in keycerts.pem -export-name "My PKCS#12 file" -out
fixed.p12
EXAMPLES
Parse a PKCS#12 file and output it to a file:
openssl pkcs12-in file.p12 -out file.pem
Output only client certificates to a file:
openssl pkcs12-in file.p12 -clcerts -out file.pem
Don't encrypt the private key: openssl pkcs12-in file.p12 -out
file.pem -nodes
Print some information about a PKCS#12 file:
openssl pkcs12-in file.p12 -info -noout
Create a PKCS#12 file:
openssl pkcs12-export -in file.pem -out file.p12 -name "My Certifi‐
cate"
Include some extra certificates:
openssl pkcs12-export -in file.pem -out file.p12 -name "My Certifi‐
cate" \
-certfile othercerts.pem
SEE ALSO
Commands: pkcs8(1ssl)pkcs12(1ssl)