[英]Windows asks for p12 password when installing p12 key generated by openssl
If I generate a p12 certificate with openssl as: 如果我使用openssl生成p12证书:
openssl pkcs12 -export -in myprivatecert.pem -nokeys -out mycert.p12
Even though I ask openssl to not export the private key, why does windows still require the private key password when installing the certificate. 即使我要求openssl不导出私钥,为什么Windows在安装证书时仍然需要私钥密码。
I figure I am missing something. 我想我错过了什么。
The password is for the PKCS12 file itself, not for the private key. 密码用于PKCS12文件本身,而不是私钥。 You can specify a blank password by adding "-password pass:" like this:
您可以通过添加“-password pass:”来指定空白密码,如下所示:
$ openssl pkcs12 -password pass: -export -in myprivatecert.pem -nokeys -out mycert.p12
You will still be prompted by Windows for the password, but you can leave it empty, and the import will work fine. Windows仍会提示您输入密码,但您可以将其保留为空,导入工作正常。
If all you are importing on Windows is the certificate, without the key, they you can also use the DER format like this: 如果您在Windows上导入的所有内容都是证书而没有密钥,那么您也可以使用DER格式,如下所示:
$ openssl x509 -in myprivatecert.pem -outform DER -out mycert.der
One benefit of this is that when you double-click this file on Windows, it recognizes the der extension, and you can view the certificate details just before importing. 这样做的一个好处是,当您在Windows上双击此文件时,它会识别der扩展,您可以在导入之前查看证书详细信息。 Also, there will be no password prompt.
此外,将没有密码提示。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.