Exports or imports a PKCS #12 file into a certificates file and a private key.
certpk12 {-O Pkcs12_file | -I Pkcs12_file} [-C Cert_file] [-K Key_file] [-P key_password] [-E Pkcs12_password] [-v]
-C Cert_file
specifies the name of certificate file to be exported to a PKCS #12 file if -O is “on”; or the name of certificate file to be imported from a PKCS #12 file if -I is “on.”
-K Key_file
specifies the name of private key file to be exported to a PKCS #12 file if -O is on; or the name of private key file to be imported from a PKCS #12 file if -I is on.
-P Key_password
specifies the password which is used to protect the private key specified by -K. If -O is on, the password is required to export the private key to a PKCS #12 file; if -I is on, the password is required to output the private key to a text file after it is imported from a PKCS #12 file.
-O Pkcs12_file
specifies the name of a PKCS #12 file to be exported. The file can contain a certificate plus a private key, a single certificate, or a single private key. Either -O or -I needs to be on.
-I Pkcs12_file
specifies the name of a PKCS #12 file to be imported. The file can contain a certificate plus a private key, a single certificate, or a single private key. Either -I or -O needs to be on.
-E Pkcs12_password
specifies the password used to protect the PKCS #12 file. If -O is “on,” the password is used to encrypt the PKCS #12 file to be exported; if -I is “on,” the password is used to decrypt the PKCS #12 file to be imported. The password is also called “transport password.”
-v
prints the version number and copyright message of the certpk12 tool and exits.
This example exports certificate file, caRSA.crt and private key file, caRSApkey.txt to a PKCS #12 file, caRSA.p12. password is the password used to decrypt caRSApkey.txt. pk12password is the password used to encrypt the final caRSA.p12:
certpk12 -O caRSA.p12 -C caRSA.crt -K caRSApkey.txt
-P password -E pk12password
-- Sybase PKCS #12 Conversion Utility certpk12 Thu Nov 9 16:55:51 2000--
This example imports a PKCS #12 file, caRSA.p12 which contains a certificate and a private key. Output the embedded certificate to a text file, caRSA_new.crt and the embedded private key to a text file, caRSApkey_new.txt. new_password is used to protect caRSApkey_new.txt, and pk12password is required to decrypt caRSA.p12 file:
certpk12 -I caRSA.p12 -C caRSA_new.crt -K caRSApkey_new.txt -P new_password -E pk12password
-- Sybase PKCS#12 Conversion Utility certpk12 Thu Nov 9 16:55:51 2000--
After running example 1 and 2, caRSA.crt and caRSA_new.crt are identical.
However, caRSApkey.txt and caRSApkey_new.txt are
different because they are encrypted randomly.
This example exports the certificate file called caRSA.crt to a PKCS#12 file called caRSAcert.p12. pkcs12password is used to encrypt caRSAcert.p12:
certpk12 -O caRSAcert.p12 -C caRSA.crt -E pk12password
-- Sybase PKCS#12 Conversion Utility certpk12 Thu Nov 9 16:55:51 2000--
This example imports a PKCS #12 file called caRSAcert.p12, which contains a certificate. It outputs the embedded certificate to a text file called caRSAcert.txt. pk12password is required to decrypt caRSAcert.p12 file.
certpk12 -I caRSAcert.p12 -C caRSAcert.txt
-E pk12password
-- Sybase PKCS#12 Conversion Utility certpk12 Thu Nov 9 16:55:51 2000--
After running examples 3 and 4, caRSA.crt and caRSAcert.txt are identical.
certpk12 only supports triple-DES encrypted PKCS #12 file.
Append certificate requestor's private key to the end of its signed certificate file.
Name the file servername.crt, where servername is the name of the server, and place it in the certificates directory under $SYBASE/$SYBASE_ASE.
This file is needed to start the SSL-enabled Adaptive Server.
certreq and certauth
