Creation of a PKCS12 file from a certificate with or without a key

13. April 2023

Create PKCS12 file from private key and new certificate

If you want to assemble a new PKCS12 file (extension .p12 or .pfx) from an existing key and a new certificate, you can use the open source tool XCA. The following GLOBALTRUST product types are delivered as PKCS12 files by default and are therefore suitable for this guide:

SIGNATURE
✓ COMPANY

✓ You can find an overview of all products here

Process:

  1. Download XCA
  2. Run the setup and install the tool.
  3. From the File menu, choose New Database and enter any filename.
  4. Select the “Private Keys” tab and click on “Import”. Specify the private key file.
  5. Select the “Certificates” tab and click on “Import”. Specify file with the new certificate.
  6. Select the imported certificate and click “Export”.
  7. Select “PKCS#12 with certificate chain” as the export format and specify a target path.
  8. Enter an export password
  9. The database file created in point 3 is deleted again.

Create certificate without private key in PKCS12 format

Generation using openssl:

(The prompted password must remain blank, as the private key is not used)

openssl pkcs12 -nokeys -in [certificate-file-old].pem -export -out [certificate-file-new].p12

Content control:

openssl pkcs12 -info -in [certificate-file-new].p12

You might be interested in that

Sign and encrypt emails using an Apple iPhone

Sign and encrypt emails using an Apple iPhone

User guide for signing and encrypting emails with the GLOBALTRUST CLIENT certificate on your Apple iPhoneAs of May 10, 2023 1 Basic 1.1 Goals of this document A step-by-step guide on how to add the certificate to your iPhone to then sign and/or encrypt emails. This guide was created for an Apple iPhone (iOS version:...

read more
Sign and encrypt with the UPC token in Outlook

Sign and encrypt with the UPC token in Outlook

User guide for signing and encrypting emails using the GLOBALTRUST UPC token V2.0 (issued from May 15, 2023) in Microsoft Outlook.As of May 9, 2023 1 Basics 1.1 Goals of this document A step-by-step guide on how to add the certificate in Microsoft Outlook to sign and/or encrypt emails.These instructions were created...

read more
On letters, stamping and (e-)seals

On letters, stamping and (e-)seals

On letters, stamping and (e-)seals Still stamping or already sealing? Fully automated and at the highest security level? If no, you should think about it: You can use the electronic seal as a digitization turbo and make it the central game changer of your organization. Did you know that there are administrative...

read more