How to extract/export the certificate (.cer) from the .p12 keystore for SMP/E Internet Retrieval Services
search cancel

How to extract/export the certificate (.cer) from the .p12 keystore for SMP/E Internet Retrieval Services

book

Article ID: 255929

calendar_today

Updated On:

Products

COMMON SERVICES FOR Z/OS

Issue/Introduction

We've generated new client certificate files for SMP/E Internet Retrieval Services. Until last year the delivered file was a .cer only containing the certificate. Now we can only choose p12 or pfx . The file contains the key and the certificate and a passphrase for each file is needed. To simplify the administration it would be easier to extract the cert out from the downloaded file. I've tried this using openssl on different platforms but no success. 

Error:

[user_id@host_name /public/wrzosw]# openssl pkcs12 -in ca-receive-order.pfx -clcerts -nokeys -out ca-receive-order.crt
139781361641360:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1239:
139781361641360:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:405:Type=PKCS12

Is it possible to extract the certificate and if yes - can you please provide instructions how to do this?

Environment

Release : 15.0

Resolution

Follow these steps to steps to import the .p12 keystore then export the certificate from the .p12 keystore:

Go to Control Panel then Internet Options.

Click Internet Options.

Click content followed by certificate.

Click import.

Locate where the .p12 keystore is located on your PC and click next.

Decide where to store the keystore.

 

Enter the password.

 

 

Click next.

 

 

Click finish:

 

.p12 keystore with certificate is imported successfully.

Now export/extract the certificate (.cer) from the .p12 keystore:

 

 

Click next.

 

 

Click next.

 

Click next.

 

Assign a name for the certificate and click next.

 

Click finish.

Result of export:

 

Powered by Wolken Software