SyntaxFix

[command-line] Enter export password to generate a P12 certificate

I would like to generate a P12 certificate from a .key and .pem. I'm running this command and get prompted to enter a export password:

pkcs12 -export -inkey private-key.key -in developer_identity.pem -out iphone_dev.p12

enter image description here

I can't enter a password at this point, it seems that the keyboard input is not recognized.

What do I miss? (I'm new to the Command Line tool and openSSL)

This question is related to command-line passwords openssl

The answer is

The selected answer apparently does not work anymore in 2019 (at least for me).

I was trying to export a certificate using openssl (version 1.1.0) and the parameter -password doesn't work.

According to that link in the original answer (the same info is in man openssl), openssl has two parameter for passwords and they are -passin for the input parts and -passout for output files.

For the -export command, I used -passin for the password of my key file and -passout to create a new password for my P12 file.

So the complete command without any prompt was like below:

openssl pkcs12 -export -in /tmp/MyCert.crt -inkey /tmp/MyKey.key -out /tmp/MyP12.p12 -name alias -passin pass:keypassphrase -passout pass:certificatepassword

If you does not want a password, you can use pass: like below:

openssl pkcs12 -export -in /tmp/MyCert.crt -inkey /tmp/MyKey.key -out /tmp/MyP12.p12 -name alias -passin pass: -passout pass:

It will works fine with a key without password and the output certificate will be created without password too.

I know this thread has been idle for a while, but I just wanted to add my two cents to supplement jariq's comment...

Per manual, you don't necessary want to use -password option.

Let's say mykey.key has a password and your want to protect iphone-dev.p12 with another password, this is what you'd use:

pkcs12 -export -inkey mykey.key -in developer_identity.pem -out iphone_dev.p12 -passin pass:password_for_mykey -passout pass:password_for_iphone_dev

Have fun scripting!!

MacOS High Sierra is very crazy to update openssl command suddenly.

Possible in last month:

$ openssl pkcs12 -in cert.p12 -out cert.pem -nodes -clcerts
MAC verified OK

But now:

$ openssl pkcs12 -in cert.p12 -out cert.pem -nodes -clcerts -password pass:
MAC verified OK

Source: Stackoverflow.com

Examples related to command-line

Git is not working after macOS Update (xcrun: error: invalid active developer path (/Library/Developer/CommandLineTools) Flutter command not found Angular - ng: command not found how to run python files in windows command prompt? How to run .NET Core console app from the command line Copy Paste in Bash on Ubuntu on Windows How to find which version of TensorFlow is installed in my system? How to install JQ on Mac by command-line? Python not working in the command line of git bash Run function in script from command line (Node JS)

Examples related to passwords

Your password does not satisfy the current policy requirements Laravel Password & Password_Confirmation Validation Default password of mysql in ubuntu server 16.04 mcrypt is deprecated, what is the alternative? What is the default root pasword for MySQL 5.7 MySQL user DB does not have password columns - Installing MySQL on OSX Changing an AIX password via script? Hide password with "•••••••" in a textField How to create a laravel hashed password Enter export password to generate a P12 certificate

Examples related to openssl

dyld: Library not loaded: /usr/local/opt/openssl/lib/libssl.1.0.0.dylib How to install OpenSSL in windows 10? SSL_connect: SSL_ERROR_SYSCALL in connection to github.com:443 How to fix: fatal error: openssl/opensslv.h: No such file or directory in RedHat 7 Homebrew refusing to link OpenSSL Solving sslv3 alert handshake failure when trying to use a client certificate How to install latest version of openssl Mac OS X El Capitan How to resolve the "EVP_DecryptFInal_ex: bad decrypt" during file decryption SSL error SSL3_GET_SERVER_CERTIFICATE:certificate verify failed Can't get private key with openssl (no start line:pem_lib.c:703:Expecting: ANY PRIVATE KEY)

Tags

Dddd Y-combinator Tchecklistbox Language-concepts Match Rdb Folder-security Qmake Localserver Keyboard-events Getschematable Pdf-conversion Atomicreference Typeclass Git-workflow Pic18 Shadowbox Cassandra Universe Svn-administraton Filestructure Xalan Jqtouch Keynotfoundexception Mkcoordinateregion Vpim Vendor-branch Abstracttablemodel Toolstripcontainer Moles Usenet Equals-operator Char Qwebkit Gfs Feof Processlist Xmldataset Iboutlet Loginview Unittest++ Compilation Session-replication Stemming Gwt-animation Common-controls Culerity Svn-copy Zpl Numeric-limits Project-setup Fetch Pandastream Doxia Sentinel Watch Strlen File Alt-attribute Eaglview Non-ascii-characters Dbref Dvi Subdomain-fu Maproute Cpu-usage Yui-compressor Insert-iterator Nimbus No-response Cgeventtap Regex-group Fpdi Pki Voting Failovercluster Qooxdoo Namespace-organisation Sdk3.0 Data-execution-prevention Nodeapi Tilde-expansion Virtual-memory Mouse-hook Msvcrt Framebuffer Tlbimp Absolute Whack Canonical-name Rightjs High-contrast Jdownloader Console2 Base-conversion Candidate Pykde Todictionary Combinations Phpmyadmin