IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [pkcs12]

34 questions
10
votes
1 answer

Is there an official standard and/or name for PEM certificate bundles?

This is a question that's not really about security proper. It's about security/crypto nomenclature. It's been bugging me a bit, so here goes: I know two approaches for bundling related certificates/keys together: Heavy weight approach: PFX. There…
StackzOfZtuff
  • 17,783
  • 1
  • 50
  • 86
6
votes
1 answer

Extract public information from p12 without having the password

I know this question was already asked here but unfortunately there are no satisfactory answers. Please correct me if I'm wrong, but if I have a p12 file the following two situations are possible: The whole p12 file is encrypted. But not only the…
alrightythen
  • 63
  • 1
  • 1
  • 4
6
votes
1 answer

uploading pkcs12 to yubikey piv slot

i have a id_rsa (private key which is used by me to authentication and encryption together with cert on yubikey piv smardcart provider on slot 9a) now i wish to use this key to create a pkcs12 keystore (private key + self signed cert) to sign jar…
ceph3us
  • 161
  • 1
  • 6
4
votes
1 answer

Extract expiration date from private key file (.p12) without the password

Is it possible to extract the expiration date from a private key (.p12 file) without knowing the password? I used the command bellow without success: openssl pkcs12 -in test.p12 -nokeys -nomacver
user159486
  • 43
  • 1
  • 1
  • 4
4
votes
1 answer

How do digital signatures on PDF documents work?

I recently filled out a PDF document which required me to append a digital signature. The PDF document had a link embedded in it that I clicked and went through the process. I am curious how this works. At some point during the signing, I am sure…
Minaj
  • 1,536
  • 2
  • 14
  • 23
3
votes
4 answers

Using OpenVPN on Windows instead of VPN apps: missing certificate

Sorry this might be a noob question, but I subscribed to a VPN provider which ships its own app on Windows. Now I thought I'd prefer to use the OpenVPN client app instead. I create a profile by providing it with a .ovpn file, which contains a
PlasmaBinturong
  • 141
  • 1
  • 4
2
votes
1 answer

P12 private key vs private key file : what is more secure?

The question is a bit tricky because they don't have the same purpose but : Do both kind of file face the same security issue concerning private key protection : password strength? (PBKDF2 as both are often encrypted using password-based…
crypto-learner
  • 697
  • 1
  • 7
  • 17
2
votes
1 answer

How secure is PKCS #12

I need to move user cryptographic identity between several user devices. In the operating system I have only one option: use password-protected PKCS #12 to import the identity to the OS secure store. I’m wondering how secure PKCS #12 is. Can the p12…
eofster
  • 205
  • 1
  • 6
2
votes
1 answer

Private key differs when creating a pfx container and then extracting it from it

Assuming a private_key.pem and the associated certificate client_cert.pem signed by CA (CSR signed with private_key.pem). Next, I create the pfx container with: # create pfx with private_key.pem and client_certificate.pem openssl pkcs12 -export -in…
thanosam
  • 23
  • 4
2
votes
0 answers

Custom keystore/certificate to hold asymmetric (RSA) keys

My app will require maintaining an RSA keypair locally on the user's machine. I was a bit disappointed to discover that PKCS#12 and JKS don't offer higher than 3DES (correct me if I have this wrong). Or feel free to suggest a standard that…
0zero
  • 43
  • 5
1
vote
2 answers

PKCS#12 File - security impacts when imported in Web Browser or Windows Store?

When a PKCS12 file is imported into a Web browser or Windows store the user is prompted for private key password. How does the browser or operating system manage this password? Is it secure?
crypto-learner
  • 697
  • 1
  • 7
  • 17
1
vote
0 answers

Guidance on Login using Digital Signature DSC (PKCS12 and x509 certificate)

I'm interesting in exploring possibility to authenticate user using their Digital Certificate. The methodology is to first register the DSC from the user and keep their Public key along with Serial No. and Name etc. Later when user selects the same…
r tanwar
  • 11
  • 2
1
vote
1 answer

Can a PKCS12 file be distributed over insecure channel?

Is the PKCS12 only as secure as the password protecting private keys ? Can I distribute the p12 file over an insecure channel ?
crypto-learner
  • 697
  • 1
  • 7
  • 17
1
vote
1 answer

Why do certain openssl-generated pkcs12 MAC algorithms not work?

I have a folder with a private key file, certificate file, and a subfolder with several root certificate files. I have concatenated the latter into the file $DIR/Root Certificates/all.crt. If I create a pkcs12 certificate out of this using: openssl…
aphid
  • 273
  • 1
  • 6
1
vote
1 answer

Java KeyStore vs OpenSSL implementations of pkcs12 files -They seem to differ. Do they?

I generated a pkcs12 keystore in Java and wanted to inspect it with OpenSSL, but OpenSSL threw back an error. After a bit of head scratching I realized that the KeyStore format in Java allows you to have different passwords on the store itself and…
Jamie Le Tual
  • 13
  • 2
1
2 3