41

What is the utility of .p12 file/certificate? I am not getting any correct definition when searching the internet:

  • In one site I got "it stores server side certificates along with intermediate certificates and private key in one file. Its mostly used in Windows Machine"

  • In another site i got "it binds a organizations public key with its name.

My question is whether its public key or private key which is included in the .p12 certificate.

TylerH
  • 20,799
  • 66
  • 75
  • 101
Pallab
  • 687
  • 1
  • 7
  • 15

1 Answers1

59

The .p12 contains both the private and the public key, and also information about the owner (name, email address, etc. ) all being certified by a third party. With such certificate, a user can identify himself and authenticate himself to any organization trusting the third party.

You should be able to see the content of the p12 file with 

openssl pkcs12 -info -in filename.p12

provided openssl is installed in your system.

damienfrancois
  • 52,978
  • 9
  • 96
  • 110
  • 1
    if the private key is included in .p12, then anyone other than the owner(who has the .p12 file) can its corresponding private key? so isn't it insecure way of communication? – Pallab Oct 26 '13 at 08:50
  • 9
    the p12 is normally protected with a password and is not shared. It is imported in an application (e.g. a browser or a password manager) When a authentication must take place, the browser sends the identification information and its public key. The server then offers a challenge only the owner of the private key can solve. The browsers then sends back the solution of the challenge and the user is both identified and authenticated. Anyone getting access to the p12 will be able to impersonate the real owner. – damienfrancois Oct 26 '13 at 08:59
  • 1
    So if you have a mobile application, which sends the p12 file with HTTPS POST to the server, am I sending a private key with it? I don't get, is the private key included or not? – narancs Apr 19 '17 at 01:34
  • 1
    @Karoly You would not send the p12 files. It would stay on the device only. – Dojo Jun 11 '20 at 13:20