But again, we have no trouble generating the combined key and cert, into one file, and importing into Mac keychain (or Windows, or Linux, or Unix..) All this is on OpenSSL 0.9.8k or 'l'.
Midori, does your problem on Mac go away if you attempt import the combined key/cert file? (I guess I don't see the 'Use Case') Lou Picciano ----- Original Message ----- From: "Dr. Stephen Henson" <st...@openssl.org> To: openssl-users@openssl.org Sent: Friday, November 13, 2009 10:06:37 AM GMT -05:00 US/Canada Eastern Subject: Re: PKCS12 import error into MacOSX keychain access On Fri, Nov 13, 2009, Midori Green wrote: > Deae Lou and Dr. Henson: > > I would appreciate it, if Dr. Henson, you could examine the attached > file, and see if it possible to determine if OpenSSL can do the reverse. > (Take a existing RSA private key and create a PKCS12 file for it > without an certificate, and import that into KeyChain Access so that > it imports the RSA private key. > > Perhaps once the existing RSA private key is successfully imported, > I can then import the certificate in a separate PKCS12 file as Lou > described. > You need OpenSSL 1.0.0 at least to create PKCS#12 files without certificates, this should work: openssl pkcs12 -export -inkey key.pem -nocerts -out key.p12 The only obvious difference between the two is that the iteration count is different which shouldn't make any difference. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
