Unable to load Key pair from p12 certificate - OPENSSL error


[Solved] It was WAPI technology, which uses a different, non-standard elliptic curve, so openssl can't work with it; a specific version of SSL called GmSSL is needed.
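One way to check a diagnosis like this (an added example, not part of the original post): the certificate in the bundle was still printed, so the named-curve OID in its SubjectPublicKeyInfo can be read and compared with curves a stock OpenSSL build recognises. The function names, the `KNOWN_CURVES` subset and the sample OID `1.3.6.1.4.1.99999.1` are constructed for illustration; the actual WAPI curve OID is not given on the page.

```python
import base64, re

KNOWN_CURVES = {  # subset of named curves that stock OpenSSL recognises
    "1.2.840.10045.3.1.1": "prime192v1", "1.2.840.10045.3.1.7": "prime256v1",
    "1.3.132.0.34": "secp384r1", "1.3.132.0.35": "secp521r1"}
EC_PUBLIC_KEY = "1.2.840.10045.2.1"  # id-ecPublicKey

def tlvs(buf):
    """Yield (tag, value) for each DER element in buf."""
    i = 0
    while i < len(buf):
        tag, n, i = buf[i], buf[i + 1], i + 2
        if n & 0x80:  # long-form length: low bits give the number of length bytes
            k = n & 0x7F
            n, i = int.from_bytes(buf[i:i + k], "big"), i + k
        yield tag, buf[i:i + n]
        i += n

def oid(v):
    """Decode DER OID content bytes to dotted notation."""
    subs, acc = [], 0
    for b in v:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            subs.append(acc)
            acc = 0
    first = min(subs[0] // 40, 2)
    return ".".join(map(str, [first, subs[0] - 40 * first] + subs[1:]))

def cert_curve(pem_text):
    """Return (curve_oid, name or None) for the first certificate in pem_text."""
    m = re.search(r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", pem_text, re.S)
    tbs = next(tlvs(next(tlvs(base64.b64decode(m.group(1))))[1]))[1]
    fields = [v for t, v in tlvs(tbs) if t != 0xA0]  # skip optional [0] version
    alg = list(tlvs(next(tlvs(fields[5]))[1]))  # fields[5] = subjectPublicKeyInfo
    if oid(alg[0][1]) != EC_PUBLIC_KEY or len(alg) < 2 or alg[1][0] != 0x06:
        raise ValueError("not an EC key with a named curve")
    curve = oid(alg[1][1])
    return curve, KNOWN_CURVES.get(curve)

def der(tag, *parts):  # short-form DER encoder, used only to build the sample
    body = b"".join(parts)
    return bytes([tag, len(body)]) + body

def sample_pem(curve_hex):
    """Constructed skeleton certificate (empty names, dummy key) with the given curve OID."""
    spki = der(0x30, der(0x30, der(0x06, bytes.fromhex("2a8648ce3d0201")),
                         der(0x06, bytes.fromhex(curve_hex))), der(0x03, b"\x00\x04"))
    tbs = der(0x30, der(0xA0, der(0x02, b"\x02")), der(0x02, b"\x01"), *[der(0x30)] * 4, spki)
    b64 = base64.b64encode(der(0x30, tbs)).decode()
    return f"-----BEGIN CERTIFICATE-----\n{b64}\n-----END CERTIFICATE-----\n"
```

`cert_curve()` accepts the text printed by `pkcs12 -info` as is, since it skips everything outside the first certificate block; a `None` name means the curve is not in the `KNOWN_CURVES` subset.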

Author: Alex Vartanov

Updated on September 18, 2022

Comments

  • Alex Vartanov over 1 year

    I am trying to extract the public and private keys from a PKCS#12 certificate with openssl and always get the same error, even when I just want to view it without an output file (with the -info flag).

    After the certificate itself I see this:

    -----END CERTIFICATE-----
    PKCS7 Data
    Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048
    Bag Attributes
        localKeyID: 61 D1 40 34 84 2B 94 88 B1 77 23 C2 7F 46 30 DB 8C 4C 26 3A
        friendlyName: p12_name_iwn
    Error outputting keys and certificates
    22184:error:100D5010:elliptic curve routines:eckey_priv_decode:EC lib::0:
    22184:error:0606F091:digital envelope routines:EVP_PKCS82PKEY:private key decode error::0:
    error in pkcs12

    I have a separate private key from this certificate, exported from the standard Microsoft Manager Console in .pfx format; when I try to extract it to change it to .pem format, I still get the same error.

    OpenSSL version I use: openssl-1.1.1c-win64

    Command: pkcs12 -in file.p12 -info (I used the same command with the -outpu file.pem flag, but had the same issue)

    Does anyone have a solution for this, maybe? Thanks a lot.

    • Spiff almost 5 years
      Please edit your question post to include the version of openssl you are using, and the exact openssl command-line syntax you were using to try to do this. Also, since .p12's include private keys, they are always supposed to be encrypted with a password. The fact that you didn't mention anything about using a password makes me wonder if you were trying to extract from it without providing the necessary password.
    • Alex Vartanov almost 5 years
      Oh, sorry, right, I edited the question, and of course the password was entered, and I see the certificate part, but in the keys part I get an error. Thank you.