I had to convert a .pfx certificate into a .pem certificate. However, following a bug I am working on, I am wondering whether the .pem's passphrase has been set properly.
How can I check this easily from a terminal/command line?
Asked
Active
Viewed 2.4k times
4
Jérôme Verstrynge
- 4,787
- 7
- 24
- 35
1 Answers
12
Actually it's only the key what is protected in the PEM file. You can check the password used to encrypt the key with the following command:
openssl pkey -in /the/pem/file.pem
If it prints the key, then the password you supplied is correct. If it doesn't ask for a password, then it is not protected.
To check it programmatically, use the following:
openssl pkey -in /the/pem/file.pem -passin pass:the_password -noout
and check the $? variable for success. Unfortunately, in this case there is no way to tell whether the key is encrypted or not.
Lacek
- 7,233
- 24
- 28