Overview #PKCS #12 is one of the Public-Key Cryptography Standards which was titled Personal Information Exchange Syntax Standard which is described in RFC 7292
PKCS12 is a container format can contain multiple embedded objects, such as multiple certificates. Usually protected/encrypted with a password. Usable as a format for the Java KeyStore and to establish client authentication certificates in Mozilla Firefox. Usable by Apache Tomcat.
PKCS12, also called Personal Information Exchange format (PFX), enables the transfer of certificates and their corresponding Private Keys from one computer to another or from a computer to removable media.
Because exporting a Private Key might expose it to unintended parties, the PKCS12 format is the recommended format for exporting a certificate and its associated private key.
It is used in Firefox and Microsoft Internet Explorer with their import and export options.
Primary purpose of PKCS12 is transport or backup.
The PKCS12 Bundle Contains:
- Private key encrypted with password
- Associated certificate
- Other certificates (chain through trust achor)
- Private key must be extractable for export
- File extension = .p12 or .pfx
- Always binary