Menu
I would like some help with the openssl command. I need to automate the retrieval of the subject= line in a pkcs12 certificate for a script I'm working on.
I've used openssl to view the contents of the Identity/Certificate:
openssl pkcs12 -info -in /Users/[user]/Desktop/ID.pfx But I am prompted three times for the password. I used -passin to eliminate one of the password prompts, but I am still being prompted for the PEM pass phrase and verification entry.
I need to figure out a way to pass ${password} to the other two password challenges or have the scrip issue a ctl-c. The piece of info I need is outputted to the stdout before the second password prompt.
Any help would be appreciated!
Obviously I gutted the certificate output for this post.... but you should get the idea of what I'm seeing:
bash-3.2# openssl pkcs12 -info -in /Users/[user]/Desktop/ID.pfx -passin pass:${password} MAC Iteration 2048 MAC verified OK PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 2048 Certificate bag Bag Attributes localKeyID: **** friendlyName: **** subject=**** issuer=**** -----BEGIN CERTIFICATE----- ::HASH REMOVED:: -----END CERTIFICATE----- PKCS7 Data Shrouded Keybag: **** Bag Attributes localKeyID: **** friendlyName: **** Key Attributes: <No Attributes> Enter PEM pass phrase: Verifying - Enter PEM pass phrase: -----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: ::HASH REMOVED:: -----END RSA PRIVATE KEY----- bash-3.2# 
756
You can view the contents of a p12 key by installing OpenSSL, an open-source cryptography toolkit, and entering the command openssl pkcs12 -info -nodes -in yourfilename. p12 at your PC's command line.
The pkcs12 command allows PKCS#12 files (sometimes referred to as PFX files) to be created and parsed. PKCS#12 files are used by several programs including Netscape, MSIE and MS Outlook.
Try this:
$ openssl pkcs12 -in ~/cert.p12 -nodes \ -passin pass:"my password" | openssl x509 -noout -subject Or this for the common name (ruby to strip trailing whitespace):
$ openssl pkcs12 -in ~/cert.p12 -nodes \ -passin pass:"my password" | openssl x509 -noout -subject \ | awk -F'[=/]' '{print $6}'`.strip` Copying answer here in order to remove this question from the "Unanswered" filter:
openssl pkcs12 -nokeys -in /Users/[User]/Desktop/ID.pfx -passin pass:${password} If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
