-
Notifications
You must be signed in to change notification settings - Fork 1.1k
PKCS #12 Support Requirements
Nick Sullivan edited this page Oct 9, 2015
·
1 revision
The issue of exporting data in PKCS12/PFX format was raised in issue 61 (https://github.com/cloudflare/cfssl/issues/61). This document describes the requirements for completing this task.
Both the CLI and API for gencert should have an option to output the key/certificate pair in PKCS12 format. If the signer is a remote signer, this command should bundle the certificate from the remote call with the locally generated key.
There should also be an optional parameter called password that, when sent, is used to password-protect the PKCS12 file.