I want to use openssl pkcs12 to convert lots of pem files into pfx files - but is it possible to pass in a password via the command line?

Question

I want to use openssl pkcs12 to convert lots of pem files into pfx files - but is it possible to pass in a password via the command line?

I have quite a lot of pem files:

So I want to enter a password into Powershell once that is then used to pass in via the command line -> rather than have to keep manually typing it in twice for each pem.

Is this even possible?

I have tried -pass pass: which does not work:-

openssl pkcs12 -export -out outfile.pfx -inkey pem.key -in pem.cert -pass pass: somePassword

FYI: This is my current Powershell script:-

$TopLevel = "C:\CertConversion\"
$OutputFolder = "$TopLevel"+"Processed\"
$CertFolder = "$TopLevel"+"CertsToProcess\"

$PasswordIWantToUse = Read-Host "PEM Conversion - Please enter a password"

$list = Get-ChildItem -Path $CertFolder

ForEach($i in $list)
{
     $pemName =  $i.Name
     
     $list = Get-ChildItem -Path $CertFolder

     $simpleName = $pemName.Replace(".pem","")

     $OutputFile = "$OutputFolder"+"$simpleName"+".pfx"

     openssl pkcs12 -export -out $OutputFile -inkey "$CertFolder$pemName" -in "$CertFolder$pemName"

}

Note: For each pem I currently get prompted "Enter Export Password:" then re-prompted "Verifying - Enter Export Password:"

---

I gave this another go - based on suggestions in the answer from @JMusgrove

The answer turned out to be: -password pass:

So in full:

openssl pkcs12 -export -out $OutputFile -inkey "$CertFolder$pemName" -in "$CertFolder$pemName" -password pass:$PasswordIWantToUse

Answer 1

According to the builtin help, the arguments are:

-password p   set import/export password source
-passin p     input file pass phrase source
-passout p    output file pass phrase source

You may just need to change your -pass argument to either -password or -passout

Edit: Additionally, in other examples I've seen, there's no space between "pass:" and the password itself.