
Working with openssl to extract information from a pkcs12 certificate

I would like some help with the openssl command. I need to automate the retrieval of the subject= line in a pkcs12 certificate for a script I'm working on.

I've used openssl to view the contents of the Identity/Certificate:

openssl pkcs12 -info -in /Users/[user]/Desktop/ID.pfx 

But I am prompted three times for the password. I used -passin to eliminate one of the password prompts, but I am still being prompted for the PEM pass phrase and verification entry.
I need to figure out a way to pass ${password} to the other two password challenges or have the script issue a Ctrl-C. The piece of info I need is output to stdout before the second password prompt.

Any help would be appreciated!

Obviously I gutted the certificate output for this post.... but you should get the idea of what I'm seeing:

bash-3.2#  openssl pkcs12 -info -in /Users/[user]/Desktop/ID.pfx -passin pass:${password}
MAC Iteration 2048
MAC verified OK
PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 2048
Certificate bag
Bag Attributes
    localKeyID: ****
    friendlyName: ****
subject=****
issuer=****
-----BEGIN CERTIFICATE-----
::HASH REMOVED::
-----END CERTIFICATE-----
PKCS7 Data
Shrouded Keybag: ****
Bag Attributes
    localKeyID: ****
    friendlyName: ****
Key Attributes: <No Attributes>
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info:

::HASH REMOVED::
-----END RSA PRIVATE KEY-----
bash-3.2#

Sonic84 asked Dec 14 '11 06:12


People also ask

How do I view the contents of a pkcs12 file?

You can view the contents of a p12 key by installing OpenSSL, an open-source cryptography toolkit, and entering the command openssl pkcs12 -info -nodes -in yourfilename.p12 at your PC's command line.

What is pkcs12 in OpenSSL?

The pkcs12 command allows PKCS#12 files (sometimes referred to as PFX files) to be created and parsed. PKCS#12 files are used by several programs including Netscape, MSIE and MS Outlook.


2 Answers

Try this:

$ openssl pkcs12 -in ~/cert.p12 -nodes \
    -passin pass:"my password" | openssl x509 -noout -subject

Or this for the common name (ruby to strip trailing whitespace):

# Ruby: the backticks run the shell pipeline, .strip trims the trailing whitespace
cn = `openssl pkcs12 -in ~/cert.p12 -nodes \
    -passin pass:"my password" | openssl x509 -noout -subject \
    | awk -F'[=/]' '{print $6}'`.strip

Alfie Hanssen answered Sep 30 '22 18:09


Copying answer here in order to remove this question from the "Unanswered" filter:

openssl pkcs12 -nokeys -in /Users/[User]/Desktop/ID.pfx -passin pass:${password} 
DreadPirateShawn answered Sep 30 '22 17:09
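
The two answers can be combined so that a script gets only the subject line, with no prompts, no decrypted private key in the pipe, and no password on the command line. The following is an added example, not code from the question or either answer; the function names, the `P12_PASS` environment variable and the throwaway demo identity are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: print the subject of the certificate inside a PKCS#12 file.
# Assumption: the import password is exported by the caller as P12_PASS.

p12_subject() {
    # $1 = path to the .p12/.pfx file
    # -nokeys   the private key is never decrypted or written out, so openssl
    #           has no reason to ask for a PEM pass phrase (the extra prompts)
    # -clcerts  only the client certificate, not CA certificates in the bundle
    # -passin env:P12_PASS  password comes from the environment rather than
    #           from the argument list, which shows up in the process list
    openssl pkcs12 -in "$1" -nokeys -clcerts -passin env:P12_PASS 2>/dev/null |
        openssl x509 -noout -subject -nameopt RFC2253 2>/dev/null
    # A wrong password leaves the pipe empty, so x509 fails and the function
    # returns non-zero with no output.
}

make_demo_p12() {
    # $1 = scratch directory. Builds a constructed, throwaway self-signed
    # identity and packs it into demo.p12, protected with P12_PASS.
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=constructed-test-identity" \
        -keyout "$1/key.pem" -out "$1/cert.pem" 2>/dev/null &&
    openssl pkcs12 -export -inkey "$1/key.pem" -in "$1/cert.pem" \
        -name demo -passout env:P12_PASS -out "$1/demo.p12"
}

# Run as: P12_PASS=... sh this_script.sh /path/to/ID.pfx
if [ -n "${1:-}" ]; then
    p12_subject "$1"
fi
```

On OpenSSL 3.x, a file protected with the old RC2-40 scheme shown in the question's output also needs `-legacy` added to the `openssl pkcs12` call.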