I have p7b file provided by Thwate.When I am trying to export the certificate in the cer file using the below command, the certificate chain is not included.
Please suggest how to do the same. This CER is required for the importing into the weblogic key store.
openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer
This question is related to
openssl
certificate
x509certificate
I had similar problem extracting certificates from a file. This might not be the most best way to do it but it worked for me.
openssl pkcs7 -inform DER -print_certs -in <path of the file> | awk 'split_after==1{n++;split_after=0} /-----END CERTIFICATE-----/ {split_after=1} {print > "cert" n ".pem"}'
The only problem is that any additional certificates in resulted file will not be recognized, as tools don't expect more than one certificate per PEM/DER encoded file. Even openssl itself. Try
openssl x509 -outform DER -in certificate.cer | openssl x509 -inform DER -outform PEM
and see for yourself.
The selected answer didn't work for me, but it's close. I found a tutorial that worked for me and the certificate I obtained from StartCom.
Change the leader and trailer so the file looks similar to this:
-----BEGIN PKCS7-----
[... certificate content here ...]
-----END PKCS7-----
For example, my StartCom certificate began with:
-----BEGIN CERTIFICATE-----
and ended with:
-----END CERTIFICATE-----
Run the following OpenSSL command (works on Ubuntu 14.04.4, as of this writing):
openssl pkcs7 -print_certs –in pkcs7.p7b -out pem.cer
The output is a .cer with the certificate chain.
Reference: http://www.freetutorialssubmit.com/extract-certificates-from-P7B/2206
If you add -chain to your command line, it will export any chained certificates.
Source: Stackoverflow.com