2

Need guidance on the below question as I have tried to do this for last couple of days.

Scenario:

From Client side I have generated my system specific certificate which is .p12 type. However, in my code I need to insert X509 certificate as an input parameter.

My question is is there a way to convert/create a X509 certificate with the help of the .p12 private certificate. It would be a great help if someone can share links/articles or Blogs, so that I can get some idea on this.

Appreciate your help!!!

Aritra
  • 83
  • 2
  • 9
  • You should ask a specific question for a particular programming problem. Since Stack Overflow hides the Close reason from you: *"Questions asking us to recommend or find a book, tool, software library, tutorial or other off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it."* – jww Oct 20 '17 at 13:33

1 Answers1

2

A PKCS12 is a bag of X509 certificates and keys. One of the certificates in the bag is going to be the X509 certificate you want.

You can manually extract the certificate from the PKCS12 using the OpenSSL command line, you can also do this via code but to help with that I need to know what language your using.

Based on the link it seems you might be using C#, if so you want to do something similar to:

X509Certificate2 mycert = new X509Certificate2("my.p12", "public", X509KeyStorageFlags.DefaultKeySet);
jww
  • 97,681
  • 90
  • 411
  • 885
rmhrisk
  • 1,814
  • 10
  • 16
  • Thank you for the quick response. I am OK to manually extract the content. When I have converted the PKCS12 certificate to .pem format I see there are 4 different Bag Attributes along with different certificate body (contents inside -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----). Also I have written the code in C# and you can find that from this [link](https://stackoverflow.com/questions/46722997/saml-assertion-in-a-xml-using-c-sharp) – Aritra Oct 20 '17 at 05:55
  • To manually get the certificate you would do something like: openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes – rmhrisk Oct 20 '17 at 05:57