Unable to load Key pair from p12 certificate - OPENSSL error
[Solved] It was WAPI technology, this one using different - not standard elliptic curve, so openssl can't work with it, need specific version on ssl called GmSSL enter link description here
Related videos on Youtube
Alex Vartanov
Updated on September 18, 2022Comments
-
Alex Vartanov over 1 year
I try to extract public and private keys from PKCS#12 certificate with openssl and always have the same error, even i just want to see it without output file (with flag -info)
after the certificate himself i see this:
-----END CERTIFICATE----- PKCS7 Data Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048 Bag Attributes localKeyID: 61 D1 40 34 84 2B 94 88 B1 77 23 C2 7F 46 30 DB 8C 4C 26 3A friendlyName: p12_name_iwn Error outputting keys and certificates 22184:error:100D5010:elliptic curve routines:eckey_priv_decode:EC lib::0: 22184:error:0606F091:digital envelope routines:EVP_PKCS82PKEY:private key decode error::0: error in pkcs12 `
I have separated private key from this certificate, exported from standard Microsoft Manager Console, in .pfx format, when i try to extract him to change it to .pem format, i still have the same error....
Openssl version I use :
openssl-1.1.1c-win64
Command:
pkcs12 -in file.p12 -info
(I used the same command with -outpu file.pem flag, but have the same issue)Someone have solution for this, maybe? Thanks a lot.
-
Spiff almost 5 yearsPlease edit your question post to include the version of openssl you are using, and the exact openssl command-line syntax you were using to try to do this. Also, since .p12's include private keys, they are always supposed to be encrypted with a password. The fact that you didn't mention anything about using a password makes me wonder if you were trying to extract from it without providing the necessary password.
-
Alex Vartanov almost 5 yearsOh, sorry, right, I edit the question, and of course password was entered, and I see the part of the certificate, but in keys part I have an error, thank you.
-