PKCS12(1)                           OpenSSL                          PKCS12(1)

NAME

       pkcs12 - PKCS#12 file utility


SYNOPSIS

       openssl pkcs12 [-export] [-chain] [-inkey filename] [-certfile filename]
       [-name name] [-caname name] [-in filename] [-out filename] [-noout]
       [-nomacver] [-nocerts] [-clcerts] [-cacerts] [-nokeys] [-info] [-des]
       [-des3] [-idea] [-nodes] [-noiter] [-maciter] [-twopass] [-descert]
       [-certpbe] [-keypbe] [-keyex] [-keysig] [-password arg] [-passin arg]
       [-passout arg] [-rand file(s)]


DESCRIPTION

       The pkcs12 command allows PKCS#12 files (sometimes referred to as PFX
       files) to be created and parsed. PKCS#12 files are used by several
       programs including Netscape, MSIE and MS Outlook.


COMMAND OPTIONS

       There are a lot of options; the meaning of some depends on whether a
       PKCS#12 file is being created or parsed. By default a PKCS#12 file is
       parsed; a PKCS#12 file can be created by using the -export option (see
       below).


PARSING OPTIONS

       -in filename
           This specifies the filename of the PKCS#12 file to be parsed.
           Standard input is used by default.

       -out filename
           The filename to write certificates and private keys to, standard
           output by default. They are all written in PEM format.

       -pass arg, -passin arg
           The PKCS#12 file (i.e. input file) password source. For more
           information about the format of arg see the PASS PHRASE ARGUMENTS
           section in openssl(1).

       -passout arg
           Pass phrase source to encrypt any output private keys with. For
           more information about the format of arg see the PASS PHRASE
           ARGUMENTS section in openssl(1).

       -noout
           This option inhibits output of the keys and certificates contained
           in the PKCS#12 file. The file is still parsed, so the option can be
           combined with -info to inspect a file without writing anything out.

       -clcerts
           Only output client certificates (not CA certificates).

       -cacerts
           Only output CA certificates (not client certificates).

       -nocerts
           No certificates at all will be output.

       -nokeys
           No private keys will be output.

       -info
           Output additional information about the PKCS#12 file structure,
           algorithms used and iteration counts.

       -des
           Use DES to encrypt private keys before outputting.

       -des3
           Use triple DES to encrypt private keys before outputting; this is
           the default.

       -idea
           Use IDEA to encrypt private keys before outputting.

       -nodes
           Don't encrypt the private keys at all.

       -nomacver
           Don't attempt to verify the integrity MAC before reading the file.

       -twopass
           Prompt for separate integrity and encryption passwords: most
           software always assumes these are the same, so this option will
           render such PKCS#12 files unreadable.


FILE CREATION OPTIONS

       -export
           This option specifies that a PKCS#12 file will be created rather
           than parsed.

       -out filename
           This specifies the filename to write the PKCS#12 file to. Standard
           output is used by default.

       -in filename
           The filename to read certificates and private keys from, standard
           input by default. They must all be in PEM format. The order
           doesn't matter, but one private key and its corresponding
           certificate should be present. If additional certificates are
           present they will also be included in the PKCS#12 file.

       -inkey filename
           File to read the private key from. If not present then a private
           key must be present in the input file.

       -name friendlyname
           This specifies the "friendly name" for the certificate and private
           key. This name is typically displayed in list boxes by software
           importing the file.

       -certfile filename
           A filename to read additional certificates from.

       -caname friendlyname
           This specifies the "friendly name" for other certificates. This
           option may be used multiple times to specify names for all
           certificates in the order they appear. Netscape ignores friendly
           names on other certificates whereas MSIE displays them.

       -pass arg, -passout arg
           The PKCS#12 file (i.e. output file) password source. For more
           information about the format of arg see the PASS PHRASE ARGUMENTS
           section in openssl(1).

       -passin arg
           Pass phrase source to decrypt any input private keys with. For more
           information about the format of arg see the PASS PHRASE ARGUMENTS
           section in openssl(1).

       -chain
           If this option is present then an attempt is made to include the
           entire certificate chain of the user certificate. The standard CA
           store is used for this search. If the search fails it is considered
           a fatal error.

       -descert
           Encrypt the certificate using triple DES; this may render the
           PKCS#12 file unreadable by some "export grade" software. By default
           the private key is encrypted using triple DES and the certificate
           using 40 bit RC2.

       -keypbe alg, -certpbe alg
           These options allow the algorithm used to encrypt the private key
           and certificates to be selected. Although any PKCS#5 v1.5 or
           PKCS#12 algorithms can be selected it is advisable only to use
           PKCS#12 algorithms. See the list in the NOTES section for more
           information.

       -keyex|-keysig
           Specifies that the private key is to be used for key exchange or
           just signing. This option is only interpreted by MSIE and similar
           MS software. Normally "export grade" software will only allow 512
           bit RSA keys to be used for encryption purposes but arbitrary
           length keys for signing. The -keysig option marks the key for
           signing only. Signing only keys can be used for S/MIME signing,
           authenticode (ActiveX control signing) and SSL client
           authentication; however, due to a bug only MSIE 5.0 and later
           support the use of signing only keys for SSL client
           authentication.

       -nomaciter, -noiter
           These options affect the iteration counts on the MAC and key
           algorithms. Unless you wish to produce files compatible with MSIE
           4.0 you should leave these options alone.

           To discourage attacks using large dictionaries of common
           passwords, the algorithm that derives keys from passwords can have
           an iteration count applied to it: this causes a certain part of
           the algorithm to be repeated and slows it down. The MAC is used to
           check the file integrity, but since it will normally have the same
           password as the keys and certificates it could also be attacked.
           By default both MAC and encryption iteration counts are set to
           2048; using these options the MAC and encryption iteration counts
           can be set to 1. Since this reduces the file security you should
           not use these options unless you really have to. Most software
           supports both MAC and key iteration counts. MSIE 4.0 doesn't
           support MAC iteration counts so it needs the -nomaciter option.

       -maciter
           This option is included for compatibility with previous versions;
           it used to be needed to use MAC iteration counts but they are now
           used by default.

       -rand file(s)
           A file or files containing random data used to seed the random
           number generator, or an EGD socket (see RAND_egd(3)). Multiple
           files can be specified separated by an OS-dependent character. The
           separator is ; for MS-Windows, , for OpenVMS, and : for all others.


NOTES

       Although there are a large number of options most of them are very
       rarely used. For PKCS#12 file parsing only -in and -out need to be
       used; for PKCS#12 file creation -export and -name are also used.

       If none of the -clcerts, -cacerts or -nocerts options are present then
       all certificates will be output in the order they appear in the input
       PKCS#12 files. There is no guarantee that the first certificate present
       is the one corresponding to the private key. Certain software which
       requires a private key and certificate assumes that the first
       certificate in the file is the one corresponding to the private key;
       this may not always be the case. Using the -clcerts option will solve
       this problem by only outputting the certificate corresponding to the
       private key. If the CA certificates are required then they can be
       output to a separate file using the -nokeys -cacerts options to just
       output CA certificates.

       The -keypbe and -certpbe algorithms allow the precise encryption
       algorithms for private keys and certificates to be specified. Normally
       the defaults are fine but occasionally software can't handle triple
       DES encrypted private keys; then the option -keypbe PBE-SHA1-RC2-40
       can be used to reduce the private key encryption to 40 bit RC2. A
       complete description of all algorithms is contained in the pkcs8
       manual page.


EXAMPLES

       Parse a PKCS#12 file and output it to a file:

        openssl pkcs12 -in file.p12 -out file.pem

       Output only client certificates to a file:

        openssl pkcs12 -in file.p12 -clcerts -out file.pem

       Don't encrypt the private key:

        openssl pkcs12 -in file.p12 -out file.pem -nodes

       Print some info about a PKCS#12 file:

        openssl pkcs12 -in file.p12 -info -noout

       Create a PKCS#12 file:

        openssl pkcs12 -export -in file.pem -out file.p12 -name "My Certificate"

       Include some extra certificates:

        openssl pkcs12 -export -in file.pem -out file.p12 -name "My Certificate" \
         -certfile othercerts.pem

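       The advice in NOTES (split the key's own certificate from the CA
       certificates with -clcerts and -nokeys -cacerts) and the warning under
       -nomaciter/-noiter, worked through end to end. This is an added shell
       example, not part of this manual page or of OpenSSL; it assumes a
       modern openssl binary (1.1.1 or 3.x) on PATH, a writable scratch
       directory in WORK and a constructed test password in PW, and it builds
       its own throwaway CA and leaf certificate rather than using real
       material:

```shell
#!/bin/sh
# Added example, not part of the pkcs12 manual page or of OpenSSL itself.
# Builds a throwaway PKCS#12 bundle, splits it the way NOTES recommends
# (-clcerts for the key's own certificate, -nokeys -cacerts for the rest)
# and reads the iteration counts back with -info so that a file built with
# -noiter or -nomaciter can be recognised before its password is trusted.
# Assumptions: a modern openssl (1.1.1 or 3.x) on PATH, a writable scratch
# directory in WORK, and the constructed test password in PW.
set -eu

WORK=${WORK:-$(mktemp -d)}
PW=${PW:-constructed-test-password}

# Constructed test PKI: a self-signed CA and one leaf certificate it signs.
make_test_pki() {
    openssl req -x509 -newkey rsa:2048 -nodes -subj '/CN=Example Test CA' \
        -days 1 -keyout "$WORK/ca.key" -out "$WORK/ca.pem" 2>/dev/null
    openssl req -newkey rsa:2048 -nodes -subj '/CN=leaf.example' \
        -keyout "$WORK/leaf.key" -out "$WORK/leaf.csr" 2>/dev/null
    openssl x509 -req -in "$WORK/leaf.csr" -CA "$WORK/ca.pem" \
        -CAkey "$WORK/ca.key" -CAcreateserial -days 1 \
        -out "$WORK/leaf.pem" 2>/dev/null
}

# build_p12 OUTFILE [extra pkcs12 options]: leaf certificate and key under
# one friendly name, the CA certificate added through -certfile.
build_p12() {
    out=$1; shift
    openssl pkcs12 -export -in "$WORK/leaf.pem" -inkey "$WORK/leaf.key" \
        -certfile "$WORK/ca.pem" -name 'leaf.example' \
        -caname 'Example Test CA' -passout "pass:$PW" -out "$out" "$@"
}

# split_bundle P12FILE: client.pem receives the private key (still
# encrypted) and its matching certificate, cacerts.pem every other
# certificate, so consumers never pick the wrong "first" certificate.
split_bundle() {
    openssl pkcs12 -in "$1" -clcerts -passin "pass:$PW" \
        -passout "pass:$PW" -out "$WORK/client.pem"
    openssl pkcs12 -in "$1" -nokeys -cacerts -passin "pass:$PW" \
        -out "$WORK/cacerts.pem"
}

# count_certs PEMFILE: number of certificates in a PEM file.
count_certs() {
    grep -c 'BEGIN CERTIFICATE' "$1"
}

# mac_iterations P12FILE: the MAC iteration count reported by -info. The
# MAC line is the first "Iteration" value -info prints; -info writes to
# stderr in some releases, hence 2>&1.
mac_iterations() {
    openssl pkcs12 -in "$1" -info -noout -passin "pass:$PW" 2>&1 |
        awk 'match($0, /Iteration [0-9]+/) {
                 print substr($0, RSTART + 10, RLENGTH - 10); exit }'
}

# check_p12 P12FILE: "ok" when the MAC iteration count is at least the
# default of 2048, otherwise "weak (Iteration N)".
check_p12() {
    n=$(mac_iterations "$1")
    if [ "$n" -ge 2048 ]; then echo ok; else echo "weak (Iteration $n)"; fi
}

if [ "${1:-}" = run ]; then
    make_test_pki
    build_p12 "$WORK/good.p12"
    build_p12 "$WORK/weak.p12" -noiter -nomaciter
    build_p12 "$WORK/aes.p12" -keypbe AES-256-CBC -certpbe AES-256-CBC
    split_bundle "$WORK/good.p12"
    for f in good weak aes; do
        echo "$f.p12: $(check_p12 "$WORK/$f.p12")"
    done
    echo "client certs: $(count_certs "$WORK/client.pem")"
    echo "CA certs:     $(count_certs "$WORK/cacerts.pem")"
fi
```

       Run it as "sh pkcs12-split.sh run" (the file name is a constructed
       placeholder). check_p12 is the check to apply to a PKCS#12 file
       received from elsewhere: a MAC iteration count of 1 means the file was
       built with -nomaciter and its password protection is much cheaper to
       attack than the default. The aes.p12 variant shows -keypbe/-certpbe
       selecting a cipher explicitly; on OpenSSL 3.x the 40 bit RC2 PBE named
       in NOTES (PBE-SHA1-RC2-40) is only available from the legacy provider,
       so an AES based choice is the one that works out of the box.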

BUGS

       Some would argue that the PKCS#12 standard is one big bug :-)

       Versions of OpenSSL before 0.9.6a had a bug in the PKCS#12 key
       generation routines. Under rare circumstances this could produce a
       PKCS#12 file encrypted with an invalid key. As a result some PKCS#12
       files which triggered this bug from other implementations (MSIE or
       Netscape) could not be decrypted by OpenSSL and similarly OpenSSL could
       produce PKCS#12 files which could not be decrypted by other
       implementations. The chances of producing such a file are relatively
       small: less than 1 in 256.

       A side effect of fixing this bug is that any old invalidly encrypted
       PKCS#12 files can no longer be parsed by the fixed version. Under such
       circumstances the pkcs12 utility will report that the MAC is OK but
       fail with a decryption error when extracting private keys.

       This problem can be resolved by extracting the private keys and
       certificates from the PKCS#12 file using an older version of OpenSSL
       and recreating the PKCS#12 file from the keys and certificates using a
       newer version of OpenSSL. For example, with old-openssl standing for
       the older binary:

        old-openssl pkcs12 -in bad.p12 -out keycerts.pem
        openssl pkcs12 -in keycerts.pem -export -name "My PKCS#12 file" -out fixed.p12


SEE ALSO

       pkcs8(1)



0.9.8b                            2001-09-07                         PKCS12(1)