openssl - Export a PKCS#12 file without an export password?

Question

Welcome To Ask or Share your Answers For Others

openssl - Export a PKCS#12 file without an export password?

asked Oct 24, 2021 in Technique[技术] by 深蓝 (71.8m points)

openssl - Export a PKCS#12 file without an export password?

I am generating exporting some pkcs#12 files for testing purposes. These files are not being used in production and only exist temporary during automated testing.

I am using the following command:

openssl pkcs12 -export -nodes -out bundle.pfx -inkey mykey.key -in certificate.crt -certfile ca-cert.crt

Why is it insisting on an export password when I have included -nodes?

My OpenSSL version is OpenSSL 1.0.1f 6 Jan 2014 on Ubuntu Server 14.10 64-bit.

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

1 Answer

深蓝 · Answer 1 · 2021-10-23T18:29:30+0000

In interactive mode, when it prompts for a password, just press enter and there will be no password set.

If you are want to automate that (for example as an ansible command), use the -passout argument. It expects the parameter to be in the form pass:mypassword. Since we want no password:

openssl pkcs12 -export -nodes -out bundle.pfx -inkey mykey.key 
    -in certificate.crt -certfile ca-cert.crt 
    -passout pass:

Categories

openssl - Export a PKCS#12 file without an export password?

openssl - Export a PKCS#12 file without an export password?

Please log in or register to add a comment.

Please log in or register to answer this question.

1 Answer

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags