[prev in list] [next in list] [prev in thread] [next in thread]
List: openssl-users
Subject: Re: [openssl-users] Cannot read exported PKCS12 cert and private key
From: Viktor Dukhovni <openssl-users () dukhovni ! org>
Date: 2017-04-29 4:03:45
Message-ID: 20170429040345.GC22954 () mournblade ! imrryr ! org
[Download RAW message or body]
On Mon, Mar 13, 2017 at 02:27:39AM -0700, Gary L Peskin wrote:
> I exported a certificate and corresponding private key in base 64 encoded
> DER format
For the record, there is no such thing as base64-encoded DER format.
DER a binary encoding of ASN.1. A format would be particular ASN.1
structure, which can be encoded as DER, or in many cases as PEM.
OpenSSL has no PEM encoding for PKCS#12 objects. These are supported
only in DER-encoded form.
> I tried to read it using OpenSSL 1.0.2k
You gave it a PEM header that would be appropriate for a single
X.509 certificate, but the enclosed object is PKCS#12, not X.509.
> 15956:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong
> tag:.\crypto\asn1\tasn_dec.c:1199:
This is expected. I'm attaching the corresponding binary PKCS#12
file. You should be able to decode that with the appropriate
passphrase.
--
Viktor.
["CACTEST_CA.p12" (application/octet-stream)]
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic