PKCS #12 is the standard format for communicating an encrypted private key along with a certificate. It is typically used to move a private key and its associated public certificates from one system to another, or to back up (say) a webserver's private key and its certificate.
-Kyle H On Thu, Dec 24, 2009 at 7:33 AM, Mazza, Glen R. <glen.r.ma...@saic.com> wrote: > Hello, I'm confused somewhat about the workings of OpenSSL, in particular > the following command: > > > > openssl pkcs12 -export -inkey servicekey.pem -in servicecert.pem -out > service.p12 -name myservicekey -passin pass:sspass -passout pass:skpass > > > > Question: Does the above command create a private key named "service.p12" > or a keystore named "service.p12" that has a private key within it? I’m not > sure what service.p12 is -- is it a keystore or a private key? > > > > If it is a keystore containing a private key, just to confirm, there is no > real way with OpenSSL to create a private key without its enclosing > keystore, correct? I.e., it is usual and normal for OpenSSL to create its > private keys within keystores. > > > > But if it is just a private key, does OpenSSL provide the ability to create > a keystore that can be used to house this private key? (What would the > command be for that)? > > > > Thanks, > > Glen > > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
