Extract client certificate and private key from .p12 file

Question

Extract client certificate and private key from .p12 file

Can anyone tell me how to use

PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12); int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca);

any documentation link will also work.

+4

c openssl ssl-certificate pkcs # 12

Bharat Aug 23 '10 at 16:12

source share

2 answers

Here is the openssl parsing page: PKCS12_parse.html
Here is Apple's link to using openssl libs: see PKCS # 12, Section 2: I / O

From the Apple website, here are descriptions:

 int PKCS12_parse(PKCS12 *p12, char *pass, EVP_PKEY **pkey, X509 **cert, STACK **ca);

This function takes a PKCS12 structure and password (ASCII, null termination) and returns the private key, the corresponding certificate, and any CA certificates. If any of them is not required, it can be passed as NULL. The "ca" parameter must be either NULL, or a pointer to NULL, or a valid STACK composition. Typically, for reading in a PKCS # 12 file, you can:

 p12 = d2i_PKCS12_fp(fp, NULL); PKCS12_parse(p12, password, &pkey, &cert, NULL); /* CAs not wanted */ PKCS12_free(p12);

+2

aspergillusOryzae Jul 16 '12 at 23:49

source share

caf · Accepted Answer · 2010-08-24T03:43:27+0000

Without error checking:

 FILE *p12_file; PKCS12 *p12_cert = NULL; EVP_PKEY *pkey; X509 *x509_cert; STACK_OF(X509) *additional_certs = NULL; p12_file = fopen("foo.p12", "rb"); d2i_PKCS12_fp(p12_file, &p12_cert); fclose(p12_file); PKCS12_parse(p12_cert, "password", &pkey, &x509_cert, &additional_certs);

The private key is now in pkey , certificate in x509_cert and any additional certificates in additional_certs .

Extract client certificate and private key from .p12 file

More articles: