Differences
This shows you the differences between two versions of the page.
— | linux:ubuntu:openssl_examples [2019/10/31 09:05] (current) – created - external edit 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Convert certificates with OpenSSL ====== | ||
+ | ===== DER ===== | ||
+ | <code bash| Convert a DER file (.crt .cer .der) to PEM> | ||
+ | openssl x509 -inform der -in certificate.cer -out certificate.pem | ||
+ | </ | ||
+ | ===== PEM ===== | ||
+ | <code bash| Convert a PEM file to DER> | ||
+ | openssl x509 -outform der -in certificate.pem -out certificate.der | ||
+ | </ | ||
+ | <code bash| Convert a PEM file to P7B> | ||
+ | openssl crl2pkcs7 -nocrl -certfile certificate.cer -out certificate.p7b -certfile CACert.cer | ||
+ | </ | ||
+ | <code bash| Convert a PEM certificate file and a private key to PKCS#12 (.pfx .p12)> | ||
+ | openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt | ||
+ | </ | ||
+ | |||
+ | ===== PFX ===== | ||
+ | <code bash| Convert a PKCS#12 file (.pfx .p12) containing a private key and certificates to PEM> | ||
+ | openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes | ||
+ | </ | ||
+ | You can add **-nocerts** to only output the private key or add -nokeys to only output the certificates. | ||
+ | |||
+ | ===== P7B ===== | ||
+ | <code bash| Convert a P7B to PEM> | ||
+ | openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer | ||
+ | </ | ||
+ | <code bash| Convert a P7B to PFX> | ||
+ | openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer | ||
+ | openssl pkcs12 -export -in certificate.cer -inkey privateKey.key -out certificate.pfx -certfile CACert.cer | ||
+ | </ | ||
+ | |||
+ | ===== Other commands ===== | ||
+ | <code bash| Export public key from private key> | ||
+ | openssl rsa -in privkey.pem -pubout > key.pub | ||
+ | </ | ||
+ | |||
+ | <code bash| Remove password from private key> | ||
+ | openssl rsa -in [file1.key] -out [file2.key] | ||
+ | </ |