Differences

This shows you the differences between two versions of the page.

--- public:common_openssl_operations [2024/11/12 13:07] – created thomas
+++ public:common_openssl_operations [2024/11/20 08:38] (current) – thomas
@@ Line 4: / Line 4: @@
 <code>
-openssl pkcs12 -in key.p12 -out key.pem -legacy -nocerts -nodes
+openssl pkcs12 -in container.p12 -out key.pem -legacy -nocerts -nodes
+</code>
+===== Extracting a certificate in PEM format from a P12 container =====
+<code>
+openssl pkcs12 -in container.p12 -out certificate.pem -legacy -nokeys -nodes
 </code>
@@ Line 11: / Line 17: @@
 <code>
 openssl x509 -inform der -in certificate.cer -out certificate.pem
+</code>
+===== Adding intermediate certificates to a P12 file =====
+This requires a combination of some of the earlier demonstrated commands:
+First, extract the key from the existing P12 container:
+<code>
+openssl pkcs12 -in container.p12 -out key.pem -legacy -nocerts -nodes
+</code>
+If you don't already have the certificate in a separate file, extract that from the P12 container too:
+<code>
+openssl pkcs12 -in container.p12 -out certificate.pem -legacy -nokeys -nodes
+</code>
+Then, concatenate the certificate and the intermediate certificates:
+<code>
+cat certificate.pem intermediate.pem > certs.pem
+</code>
+Finally, merge everything back in a new P12 container:
+<code>
+openssl pkcs12 -export -out all.p12 -inkey key.pem -in certs.pem
 </code>
 {{tag>openssl certificates}}