Join Log in
Score:0
luis.ap.uyen avatar Ubuntu

Automatically enter user input several times to command stdin

us flag
luis.ap.uyen

I need to perform a conversion of digital certificates from pfx to pem on an external application from which I can run system commands. I can do this from CLI by using the command:

openssl pkcs12 -in path/to/cert.pfx -out path/to/cert.pem

This will prompt the user for the certificate password, and secondly, for a passphrase.

I've tried the solution provided here: Automatically enter input in command line

And it is not working for me. So, if I try (note the line breaks):

printf 'the_password\nthe_passphrase\n' | openssl pkcs12 -in path/to/cert.pfx -out path/to/cert.pem

It will still ask me for the password and passphrase. I also tried using echo, without success.

Any ideas?

EDIT:

Following Level9's advice, I've tried using openssl options, like this:

openssl pkcs12 -in path/to/cert.pfx -out path/to/cert.pem -password pass:the_password -passout pass:

I've tried both providing a passphrase and not, like in the example. Now it generates the pem file, but if I try to open it from my file system, just to check if it's correct, then I'm asked for the password, but it will not accept the one I provided in the command line.

354
1 + 1
bac0n avatar
cn flag
bac0n
maybe this can help you: [How to generate an openSSL key using a passphrase from the command line?](https://stackoverflow.com/questions/4294689/how-to-generate-an-openssl-key-using-a-passphrase-from-the-command-line)
0
Reply
Score:1
Level9 avatar Ubuntu
cn flag
Level9

Have a look at the options for specifying passwords in openssl.

openssl pkcs12 -help

If that doesn't work for you then try the "expect" utility.

sudo apt install expect
0 + 3
luis.ap.uyen avatar
us flag
luis.ap.uyen
I've tried doing a research in the command options (see my edit section in the question), but I don't seem to get it working. Since you knew there's something provided by the openssl options, could you tell me if I am doing anything wrong?
0
Reply
Level9 avatar
cn flag
Level9
I'm not in position to try this now but if password of pfx is pfxpass then try enter `openssl pkcs12 -in path/to/cert.pfx -out path/to/cert.pem -passin pass:pfxpass -passout pass:` Of course you can specify a password after the : in the last command if you do want a password of the pem-file.
1
Reply
luis.ap.uyen avatar
us flag
luis.ap.uyen
Now it seems to work. Thanks a lot! I still don't know about the difference of the -password -passin and -passout options and why the "pass" prefix to the value (I'm not savvy on either digital certificates or Linux CLI), but I won't touch anything! :D
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.