How to validate PFX with public-key privacy/integrity mode

pfx pkcs#12 ssl

I have a piece of embedded software generating P12/PFX formatted output data.

The PFX is not password protected; that is, instead of using a password-derived encryption/MAC key, the data is encrypted with a public key and signed with my private key.

In RFC 7292 section 3.1 these are called the public-key privacy and integrity modes.

My question is, how can I validate the PFX I receive, e.g. using openssl? (I'm not restricted to using openssl; by the way, I googled around but could not find a way…)

I tried

openssl pkcs12 -info -in test.pfx

but openssl requests a password, which is not applicable here. Did I miss an option to avoid being asked for a password?

Best Answer

openssl pkcs12 -info -in test.pfx -passin pass: -passout pass: 

Alternatively, you can just use

openssl pkcs12 -info -in test.pfx

and when it asks for Import Password or PEM Pass Phrase (and you didn't use any while generating the pfx file), just press Enter.
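Added example (not part of the question or answer above, and not code from OpenSSL): RFC 7292 records the integrity mode in the content type of the outer authSafe (signedData for public-key integrity, data plus macData for password integrity) and the privacy mode in the content type of each AuthenticatedSafe entry (envelopedData, encryptedData or data). This Python code reads those types from a DER-encoded file to show which modes a PFX actually uses; the function names and the sample bytes are constructed for illustration, and BER indefinite lengths are assumed absent.

```python
OIDS = {"2a864886f70d010701": "data", "2a864886f70d010702": "signedData",
        "2a864886f70d010703": "envelopedData", "2a864886f70d010706": "encryptedData"}
PRIVACY = {"data": "none", "encryptedData": "password", "envelopedData": "public-key"}

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for one definite-length DER element."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length == 0x80:
        raise ValueError("BER indefinite length is not handled here")
    if length & 0x80:  # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated element")
    return tag, buf[pos:pos + length], pos + length

def children(value):
    """Split the body of a constructed element into (tag, value) pairs."""
    out, pos = [], 0
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        out.append((tag, val))
    return out

def content_info(body):
    """ContentInfo body -> (content type name, value inside the [0] wrapper)."""
    (otag, oid), (_, wrapped) = children(body)[:2]
    if otag != 0x06:
        raise ValueError("ContentInfo does not start with an OID")
    return OIDS.get(oid.hex(), oid.hex()), read_tlv(wrapped)[1]

def pfx_modes(der):
    """Return (integrity mode, [privacy mode of each AuthenticatedSafe entry])."""
    kids = children(read_tlv(der)[1])      # version, authSafe, optional macData
    ctype, inner = content_info(kids[1][1])
    if ctype == "signedData":              # fields: version, digestAlgorithms, contentInfo, ...
        integrity = "public-key"
        inner = content_info(children(inner)[2][1])[1]
    elif ctype == "data":                  # password integrity requires macData
        integrity = "password" if len(kids) > 2 else "none"
    else:
        raise ValueError("unexpected authSafe type " + ctype)
    safes = children(read_tlv(inner)[1])   # AuthenticatedSafe: SEQUENCE OF ContentInfo
    return integrity, [PRIVACY.get(content_info(v)[0], "unknown") for _, v in safes]

# Constructed sample (not a real file): signedData wrapping an AuthenticatedSafe
# with one envelopedData and one plain data entry, all payloads empty.
SAMPLE_PFX = bytes.fromhex(
    "304e 020103 3049 06092a864886f70d010702 a03c 303a 020101 3100 3033"
    "06092a864886f70d010701 a026 0424 3022 300f 06092a864886f70d010703 a002 3000"
    "300f 06092a864886f70d010701 a002 0400")
```

Run `pfx_modes(open("test.pfx", "rb").read())` on a received file; the function only classifies the structure and does not verify the signature or decrypt anything.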
