1OPENSSL-PKCS12(1ossl) OpenSSL OPENSSL-PKCS12(1ossl)
2
6 openssl-pkcs12 - PKCS#12 file command
7
9 openssl pkcs12 [-help] [-passin arg] [-passout arg] [-password arg]
10 [-twopass] [-in filename|uri] [-out filename] [-nokeys] [-nocerts]
11 [-noout] [-legacy] [-engine id] [-provider name] [-provider-path path]
12 [-propquery propq] [-rand files] [-writerand file]
13 PKCS#12 input (parsing) options: [-info] [-nomacver] [-clcerts]
15 [-cacerts]
16 [-aes128] [-aes192] [-aes256] [-aria128] [-aria192] [-aria256]
18 [-camellia128] [-camellia192] [-camellia256] [-des] [-des3] [-idea]
19 [-noenc] [-nodes]
20 PKCS#12 output (export) options:
22 [-export] [-inkey filename|uri] [-certfile filename] [-passcerts arg]
24 [-chain] [-untrusted filename] [-CAfile file] [-no-CAfile] [-CApath
25 dir] [-no-CApath] [-CAstore uri] [-no-CAstore] [-name name] [-caname
26 name] [-CSP name] [-LMK] [-keyex] [-keysig] [-keypbe cipher] [-certpbe
27 cipher] [-descert] [-macalg digest] [-iter count] [-noiter]
28 [-nomaciter] [-maciter] [-nomac]
29
31 This command allows PKCS#12 files (sometimes referred to as PFX files)
32 to be created and parsed. PKCS#12 files are used by several programs
33 including Netscape, MSIE and MS Outlook.
34
36 There are a lot of options the meaning of some depends of whether a
37 PKCS#12 file is being created or parsed. By default a PKCS#12 file is
38 parsed. A PKCS#12 file can be created by using the -export option (see
39 below). The PKCS#12 export encryption and MAC options such as -certpbe
40 and -iter and many further options such as -chain are relevant only
41 with -export. Conversely, the options regarding encryption of private
42 keys when outputting PKCS#12 input are relevant only when the -export
43 option is not given.
44 The default encryption algorithm is AES-256-CBC with PBKDF2 for key
46 derivation.
47 When encountering problems loading legacy PKCS#12 files that involve,
49 for example, RC2-40-CBC, try using the -legacy option and, if needed,
50 the -provider-path option.
51 -help
53 Print out a usage message.
54 -passin arg
56 The password source for the input, and for encrypting any private
57 keys that are output. For more information about the format of arg
58 see openssl-passphrase-options(1).
59 -passout arg
61 The password source for output files.
62 -password arg
64 With -export, -password is equivalent to -passout, otherwise it is
65 equivalent to -passin.
66 -twopass
68 Prompt for separate integrity and encryption passwords: most
69 software always assumes these are the same so this option will
70 render such PKCS#12 files unreadable. Cannot be used in combination
71 with the options -password, -passin if importing from PKCS#12, or
72 -passout if exporting.
73 -nokeys
75 No private keys will be output.
76 -nocerts
78 No certificates will be output.
79 -noout
81 This option inhibits all credentials output, and so the input is
82 just verified.
83 -legacy
85 Use legacy mode of operation and automatically load the legacy
86 provider. If OpenSSL is not installed system-wide, it is necessary
87 to also use, for example, "-provider-path ./providers" or to set
88 the environment variable OPENSSL_MODULES to point to the directory
89 where the providers can be found.
90 In the legacy mode, the default algorithm for certificate
92 encryption is RC2_CBC or 3DES_CBC depending on whether the RC2
93 cipher is enabled in the build. The default algorithm for private
94 key encryption is 3DES_CBC. If the legacy option is not specified,
95 then the legacy provider is not loaded and the default encryption
96 algorithm for both certificates and private keys is AES_256_CBC
97 with PBKDF2 for key derivation.
98 -engine id
100 See "Engine Options" in openssl(1). This option is deprecated.
101 -provider name
103 -provider-path path
104 -propquery propq
105 See "Provider Options" in openssl(1), provider(7), and property(7).
106 -rand files, -writerand file
108 See "Random State Options" in openssl(1) for details.
109 PKCS#12 input (parsing) options
111 -in filename|uri
112 This specifies the input filename or URI. Standard input is used
113 by default. Without the -export option this must be PKCS#12 file
114 to be parsed. For use with the -export option see the "PKCS#12
115 output (export) options" section.
116 -out filename
118 The filename to write certificates and private keys to, standard
119 output by default. They are all written in PEM format.
120 -info
122 Output additional information about the PKCS#12 file structure,
123 algorithms used and iteration counts.
124 -nomacver
126 Don't attempt to verify the integrity MAC.
127 -clcerts
129 Only output client certificates (not CA certificates).
130 -cacerts
132 Only output CA certificates (not client certificates).
133 -aes128, -aes192, -aes256
135 Use AES to encrypt private keys before outputting.
136 -aria128, -aria192, -aria256
138 Use ARIA to encrypt private keys before outputting.
139 -camellia128, -camellia192, -camellia256
141 Use Camellia to encrypt private keys before outputting.
142 -des
144 Use DES to encrypt private keys before outputting.
145 -des3
147 Use triple DES to encrypt private keys before outputting.
148 -idea
150 Use IDEA to encrypt private keys before outputting.
151 -noenc
153 Don't encrypt private keys at all.
154 -nodes
156 This option is deprecated since OpenSSL 3.0; use -noenc instead.
157 PKCS#12 output (export) options
159 -export
160 This option specifies that a PKCS#12 file will be created rather
161 than parsed.
162 -out filename
164 This specifies filename to write the PKCS#12 file to. Standard
165 output is used by default.
166 -in filename|uri
168 This specifies the input filename or URI. Standard input is used
169 by default. With the -export option this is a file with
170 certificates and a key, or a URI that refers to a key accessed via
171 an engine. The order of credentials in a file doesn't matter but
172 one private key and its corresponding certificate should be
173 present. If additional certificates are present they will also be
174 included in the PKCS#12 output file.
175 -inkey filename|uri
177 The private key input for PKCS12 output. If this option is not
178 specified then the input file (-in argument) must contain a private
179 key. If no engine is used, the argument is taken as a file. If
180 the -engine option is used or the URI has prefix
181 "org.openssl.engine:" then the rest of the URI is taken as key
182 identifier for the given engine.
183 -certfile filename
185 An input file with extra certificates to be added to the PKCS#12
186 output if the -export option is given.
187 -passcerts arg
189 The password source for certificate input such as -certfile and
190 -untrusted. For more information about the format of arg see
191 openssl-passphrase-options(1).
192 -chain
194 If this option is present then the certificate chain of the end
195 entity certificate is built and included in the PKCS#12 output
196 file. The end entity certificate is the first one read from the
197 -in file if no key is given, else the first certificate matching
198 the given key. The standard CA trust store is used for chain
199 building, as well as any untrusted CA certificates given with the
200 -untrusted option.
201 -untrusted filename
203 An input file of untrusted certificates that may be used for chain
204 building, which is relevant only when a PKCS#12 file is created
205 with the -export option and the -chain option is given as well.
206 Any certificates that are actually part of the chain are added to
207 the output.
208 -CAfile file, -no-CAfile, -CApath dir, -no-CApath, -CAstore uri,
210 -no-CAstore
211 See "Trusted Certificate Options" in
212 openssl-verification-options(1) for details.
213 -name friendlyname
215 This specifies the "friendly name" for the certificates and private
216 key. This name is typically displayed in list boxes by software
217 importing the file.
218 -caname friendlyname
220 This specifies the "friendly name" for other certificates. This
221 option may be used multiple times to specify names for all
222 certificates in the order they appear. Netscape ignores friendly
223 names on other certificates whereas MSIE displays them.
224 -CSP name
226 Write name as a Microsoft CSP name. The password source for the
227 input, and for encrypting any private keys that are output. For
228 more information about the format of arg see
229 openssl-passphrase-options(1).
230 -LMK
232 Add the "Local Key Set" identifier to the attributes.
233 -keyex|-keysig
235 Specifies that the private key is to be used for key exchange or
236 just signing. This option is only interpreted by MSIE and similar
237 MS software. Normally "export grade" software will only allow 512
238 bit RSA keys to be used for encryption purposes but arbitrary
239 length keys for signing. The -keysig option marks the key for
240 signing only. Signing only keys can be used for S/MIME signing,
241 authenticode (ActiveX control signing) and SSL client
242 authentication, however, due to a bug only MSIE 5.0 and later
243 support the use of signing only keys for SSL client authentication.
244 -keypbe alg, -certpbe alg
246 These options allow the algorithm used to encrypt the private key
247 and certificates to be selected. Any PKCS#5 v1.5 or PKCS#12 PBE
248 algorithm name can be used (see "NOTES" section for more
249 information). If a cipher name (as output by "openssl list
250 -cipher-algorithms") is specified then it is used with PKCS#5 v2.0.
251 For interoperability reasons it is advisable to only use PKCS#12
252 algorithms.
253 Special value "NONE" disables encryption of the private key and
255 certificates.
256 -descert
258 Encrypt the certificates using triple DES. By default the private
259 key and the certificates are encrypted using AES-256-CBC unless the
260 '-legacy' option is used. If '-descert' is used with the '-legacy'
261 then both, the private key and the certificates are encrypted using
262 triple DES.
263 -macalg digest
265 Specify the MAC digest algorithm. If not included SHA1 will be
266 used.
267 -iter count
269 This option specifies the iteration count for the encryption key
270 and MAC. The default value is 2048.
271 To discourage attacks by using large dictionaries of common
273 passwords the algorithm that derives keys from passwords can have
274 an iteration count applied to it: this causes a certain part of the
275 algorithm to be repeated and slows it down. The MAC is used to
276 check the file integrity but since it will normally have the same
277 password as the keys and certificates it could also be attacked.
278 -noiter, -nomaciter
280 By default both encryption and MAC iteration counts are set to
281 2048, using these options the MAC and encryption iteration counts
282 can be set to 1, since this reduces the file security you should
283 not use these options unless you really have to. Most software
284 supports both MAC and encryption iteration counts. MSIE 4.0
285 doesn't support MAC iteration counts so it needs the -nomaciter
286 option.
287 -maciter
289 This option is included for compatibility with previous versions,
290 it used to be needed to use MAC iterations counts but they are now
291 used by default.
292 -nomac
294 Do not attempt to provide the MAC integrity. This can be useful
295 with the FIPS provider as the PKCS12 MAC requires PKCS12KDF which
296 is not an approved FIPS algorithm and cannot be supported by the
297 FIPS provider.
298
300 Although there are a large number of options most of them are very
301 rarely used. For PKCS#12 file parsing only -in and -out need to be used
302 for PKCS#12 file creation -export and -name are also used.
303 If none of the -clcerts, -cacerts or -nocerts options are present then
305 all certificates will be output in the order they appear in the input
306 PKCS#12 files. There is no guarantee that the first certificate present
307 is the one corresponding to the private key. Certain software which
308 tries to get a private key and the corresponding certificate might
309 assume that the first certificate in the file is the one corresponding
310 to the private key, but that may not always be the case. Using the
311 -clcerts option will solve this problem by only outputting the
312 certificate corresponding to the private key. If the CA certificates
313 are required then they can be output to a separate file using the
314 -nokeys -cacerts options to just output CA certificates.
315 The -keypbe and -certpbe algorithms allow the precise encryption
317 algorithms for private keys and certificates to be specified. Normally
318 the defaults are fine but occasionally software can't handle triple DES
319 encrypted private keys, then the option -keypbe PBE-SHA1-RC2-40 can be
320 used to reduce the private key encryption to 40 bit RC2. A complete
321 description of all algorithms is contained in openssl-pkcs8(1).
322 Prior 1.1 release passwords containing non-ASCII characters were
324 encoded in non-compliant manner, which limited interoperability, in
325 first hand with Windows. But switching to standard-compliant password
326 encoding poses problem accessing old data protected with broken
327 encoding. For this reason even legacy encodings is attempted when
328 reading the data. If you use PKCS#12 files in production application
329 you are advised to convert the data, because implemented heuristic
330 approach is not MT-safe, its sole goal is to facilitate the data
331 upgrade with this command.
332
334 Parse a PKCS#12 file and output it to a PEM file:
335 openssl pkcs12 -in file.p12 -out file.pem
337 Output only client certificates to a file:
339 openssl pkcs12 -in file.p12 -clcerts -out file.pem
341 Don't encrypt the private key:
343 openssl pkcs12 -in file.p12 -out file.pem -noenc
345 Print some info about a PKCS#12 file:
347 openssl pkcs12 -in file.p12 -info -noout
349 Print some info about a PKCS#12 file in legacy mode:
351 openssl pkcs12 -in file.p12 -info -noout -legacy
353 Create a PKCS#12 file from a PEM file that may contain a key and
355 certificates:
356 openssl pkcs12 -export -in file.pem -out file.p12 -name "My PSE"
358 Include some extra certificates:
360 openssl pkcs12 -export -in file.pem -out file.p12 -name "My PSE" \
362 -certfile othercerts.pem
363 Export a PKCS#12 file with data from a certificate PEM file and from a
365 further PEM file containing a key, with default algorithms as in the
366 legacy provider:
367 openssl pkcs12 -export -in cert.pem -inkey key.pem -out file.p12 -legacy
369
371 openssl(1), openssl-pkcs8(1), ossl_store-file(7)
372
374 The -engine option was deprecated in OpenSSL 3.0. The -nodes option
375 was deprecated in OpenSSL 3.0, too; use -noenc instead.
376
378 Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
379 Licensed under the Apache License 2.0 (the "License"). You may not use
381 this file except in compliance with the License. You can obtain a copy
382 in the file LICENSE in the source distribution or at
383 <https://www.openssl.org/source/license.html>.
3843.0.5 2022-07-05 OPENSSL-PKCS12(1ossl)