Enter export password to generate a P12 certificate

Question

I would like to generate a P12 certificate from a  key and  pem  I m running this command and get prompted to enter a export password  pkcs12 -export -inkey private-key key -in developer identity pem -out iphone dev p12   I can t enter a password at this point  it seems that the keyboard input is not recognized  What do I miss   I m new to the Command Line tool and openSSL

User · Accepted Answer

OpenSSL command line app does not display any characters when you are entering your password. Just type it then press enter and you will see that it is working.

You can also use openssl pkcs12 -export -inkey mykey.key -in developer_identity.pem -out iphone_dev.p12 -password pass:YourPassword to pass the password YourPassword from command line. Please take a look at section Pass Phrase Options in OpenSSL manual for more information.

User · Answer

I know this thread has been idle for a while  but I just wanted to add my two cents to supplement jariq s comment     Per manual  you don t necessary want to use -password option   Let s say mykey key has a password and your want to protect iphone-dev p12 with another password  this is what you d use   pkcs12 -export -inkey mykey key -in developer identity pem -out iphone dev p12 -passin pass password for mykey -passout pass password for iphone dev   Have fun scripting

User · Answer

MacOS High Sierra is very crazy to update openssl command suddenly   Possible in last month     openssl pkcs12 -in cert p12 -out cert pem -nodes -clcerts MAC verified OK   But now     openssl pkcs12 -in cert p12 -out cert pem -nodes -clcerts -password pass  MAC verified OK

User · Answer

The selected answer apparently does not work anymore in 2019  at least for me    I was trying to export a certificate using openssl  version 1 1 0  and the parameter -password doesn t work   According to that link in the original answer  the same info is in man openssl   openssl has two parameter for passwords and they are -passin for the input parts and -passout for output files   For the -export command  I used -passin for the password of my key file and -passout to create a new password for my P12 file   So the complete command without any prompt was like below   openssl pkcs12 -export -in  tmp MyCert crt -inkey  tmp MyKey key -out  tmp MyP12 p12 -name alias -passin pass keypassphrase -passout pass certificatepassword   If you does not want a password  you can use pass  like below   openssl pkcs12 -export -in  tmp MyCert crt -inkey  tmp MyKey key -out  tmp MyP12 p12 -name alias -passin pass  -passout pass    It will works fine with a key without password and the output certificate will be created without password too

[command-line] Enter export password to generate a P12 certificate

Examples related to command-line

Examples related to passwords

Examples related to openssl