Windows asks for a p12 password when setting the p12 key generated by openssl

Question

If I create a p12 certificate with openssl like:

openssl pkcs12 -export -in myprivatecert.pem -nokeys -out mycert.p12

Even if I ask openssl not to export the private key, why windows still require a secret key password when installing the certificate.

I suppose something is missing.

+3

David thornley Mar 16 '10 at 5:28

1 answer

Jim Flood · Accepted Answer · 2010-03-20T06:02:56+0000

The password is for the PKCS12 file itself, not for the private key. You can specify an empty password by adding "passpass pass:" as follows:

$ openssl pkcs12 -password pass: -export -in myprivatecert.pem -nokeys -out mycert.p12

Windows will still be prompted for the password, but you can leave it blank and the import will work fine.

, Windows, , , DER :

$ openssl x509 -in myprivatecert.pem -outform DER -out mycert.der

, Windows der . , .