Enter export password to generate a P12 certificate

Command LinePasswordsOpenssl

Command Line Problem Overview

I would like to generate a P12 certificate from a .key and .pem. I'm running this command and get prompted to enter a export password:

pkcs12 -export -inkey private-key.key -in developer_identity.pem -out iphone_dev.p12

enter image description here

I can't enter a password at this point, it seems that the keyboard input is not recognized.

What do I miss? (I'm new to the Command Line tool and openSSL)

Command Line Solutions

Solution 1 - Command Line

OpenSSL command line app does not display any characters when you are entering your password. Just type it then press enter and you will see that it is working.

You can also use openssl pkcs12 -export -inkey mykey.key -in developer_identity.pem -out iphone_dev.p12 -password pass:YourPassword to pass the password YourPassword from command line. Please take a look at section Pass Phrase Options in OpenSSL manual for more information.

Solution 2 - Command Line

I know this thread has been idle for a while, but I just wanted to add my two cents to supplement jariq's comment...

Per manual, you don't necessary want to use -password option.

Let's say mykey.key has a password and your want to protect iphone-dev.p12 with another password, this is what you'd use:

pkcs12 -export -inkey mykey.key -in developer_identity.pem -out iphone_dev.p12 -passin pass:password_for_mykey -passout pass:password_for_iphone_dev

Have fun scripting!!

Solution 3 - Command Line

The selected answer apparently does not work anymore in 2019 (at least for me).

I was trying to export a certificate using openssl (version 1.1.0) and the parameter -password doesn't work.

According to that link in the original answer (the same info is in man openssl), openssl has two parameter for passwords and they are -passin for the input parts and -passout for output files.

For the -export command, I used -passin for the password of my key file and -passout to create a new password for my P12 file.

So the complete command without any prompt was like below:

openssl pkcs12 -export -in /tmp/MyCert.crt -inkey /tmp/MyKey.key -out /tmp/MyP12.p12 -name alias -passin pass:keypassphrase -passout pass:certificatepassword

If you does not want a password, you can use pass: like below:

openssl pkcs12 -export -in /tmp/MyCert.crt -inkey /tmp/MyKey.key -out /tmp/MyP12.p12 -name alias -passin pass: -passout pass:

It will works fine with a key without password and the output certificate will be created without password too.

Solution 4 - Command Line

MacOS High Sierra is very crazy to update openssl command suddenly.

Possible in last month:

$ openssl pkcs12 -in cert.p12 -out cert.pem -nodes -clcerts
MAC verified OK

But now:

$ openssl pkcs12 -in cert.p12 -out cert.pem -nodes -clcerts -password pass:
MAC verified OK
Categories
Recommended Command Line Solutions
Recommended Passwords Solutions
Recommended Openssl Solutions

Previous Solution:

How to change ReactJS styles dynamically?

JavascriptCssReactjs

Next Solution:

How to repeat a String N times in R?

StringRRepeat

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

Content TypeOriginal AuthorOriginal Content on Stackoverflow
QuestionMattView Question on Stackoverflow
Solution 1 - Command LinejariqView Answer on Stackoverflow
Solution 2 - Command LinefishtailView Answer on Stackoverflow
Solution 3 - Command LineJamesView Answer on Stackoverflow
Solution 4 - Command LineY.MuranakaView Answer on Stackoverflow