116480
Oct 24, 2014, updated at Jul 26, 2016 (UTC)
5112
4
0
Vom PFX File will ich private Key exportieren
Hallo,
ich habe ein pfx File auf Linux geladen.
Nun benutze ich Befehl
openssl pkcs12 -in domain.tld 11.12.2016.pfx -nocerts -out domain.tld_wildcard_private-11.12.16.pem
Der scheint nicht zu gehen. Es kommt
[root@isllight confproxy]# openssl pkcs12 -in domain.tld 11.12.2016.pfx -nocerts -out domain.tld_wildcard_private-11.12.16.pem
Usage: pkcs12 [options]
where options are
-export output PKCS12 file
-chain add certificate chain
-inkey file private key if not infile
-certfile f add all certs in f
-CApath arg - PEM format directory of CA's
-CAfile arg - PEM format file of CA's
-name "name" use name as friendly name
-caname "nm" use nm as CA friendly name (can be used more than once).
-in infile input filename
-out outfile output filename
-noout don't output anything, just verify.
-nomacver don't verify MAC.
-nocerts don't output certificates.
-clcerts only output client certificates.
-cacerts only output CA certificates.
-nokeys don't output private keys.
-info give info about PKCS#12 structure.
-des encrypt private keys with DES
-des3 encrypt private keys with triple DES (default)
-aes128, -aes192, -aes256
encrypt PEM output with cbc aes
-nodes don't encrypt private keys
-noiter don't use encryption iteration
-maciter use MAC iteration
-twopass separate MAC, encryption passwords
-descert encrypt PKCS#12 certificates with triple DES (default RC2-40)
-certpbe alg specify certificate PBE algorithm (default RC2-40)
-keypbe alg specify private key PBE algorithm (default 3DES)
-keyex set MS key exchange type
-keysig set MS key signature type
-password p set import/export password source
-passin p input file pass phrase source
-passout p output file pass phrase source
-engine e use engine e, possibly a hardware device.
-rand file:file:...
load the file (or the files in the directory) into
the random number generator
Was ist falsch ?
Gruss
Ralf
ich habe ein pfx File auf Linux geladen.
Nun benutze ich Befehl
openssl pkcs12 -in domain.tld 11.12.2016.pfx -nocerts -out domain.tld_wildcard_private-11.12.16.pem
Der scheint nicht zu gehen. Es kommt
[root@isllight confproxy]# openssl pkcs12 -in domain.tld 11.12.2016.pfx -nocerts -out domain.tld_wildcard_private-11.12.16.pem
Usage: pkcs12 [options]
where options are
-export output PKCS12 file
-chain add certificate chain
-inkey file private key if not infile
-certfile f add all certs in f
-CApath arg - PEM format directory of CA's
-CAfile arg - PEM format file of CA's
-name "name" use name as friendly name
-caname "nm" use nm as CA friendly name (can be used more than once).
-in infile input filename
-out outfile output filename
-noout don't output anything, just verify.
-nomacver don't verify MAC.
-nocerts don't output certificates.
-clcerts only output client certificates.
-cacerts only output CA certificates.
-nokeys don't output private keys.
-info give info about PKCS#12 structure.
-des encrypt private keys with DES
-des3 encrypt private keys with triple DES (default)
-aes128, -aes192, -aes256
encrypt PEM output with cbc aes
-nodes don't encrypt private keys
-noiter don't use encryption iteration
-maciter use MAC iteration
-twopass separate MAC, encryption passwords
-descert encrypt PKCS#12 certificates with triple DES (default RC2-40)
-certpbe alg specify certificate PBE algorithm (default RC2-40)
-keypbe alg specify private key PBE algorithm (default 3DES)
-keyex set MS key exchange type
-keysig set MS key signature type
-password p set import/export password source
-passin p input file pass phrase source
-passout p output file pass phrase source
-engine e use engine e, possibly a hardware device.
-rand file:file:...
load the file (or the files in the directory) into
the random number generator
Was ist falsch ?
Gruss
Ralf
Please also mark the comments that contributed to the solution of the article
Content-Key: 252953
Url: https://administrator.de/contentid/252953
Printed on: April 26, 2024 at 21:04 o'clock
4 Comments
Latest comment
Nun ging Kommando. File umbenannt.
klar, bei Leerzeichen im Dateinamen und ohne Anführungszeichen Zitat von @116480:
Was muss ich bei PEM pass Phrase eingeben ????
musst du nur eingeben wenn du den private Key mit einem Passwort schützen willst, ansonsten einfach Enter drücken....Was muss ich bei PEM pass Phrase eingeben ????
um bei Bedarf das Passwort eines Private Keys zu entfernen nutzt man folgenden Befehl:
openssl rsa -in key.pem -out unprotected.key