Hi All, The following code is to extract cert from a pfx file. p12Cert = d2i_PKCS12_fp(fp, NULL); //fp points to a .pfx file. PKCS12_parse(p12Cert, pass, NULL, oCert, NULL);
Here the resultant oCert has multiple localKeyID as shown below. MAC verified OK Bag Attributes localKeyID: 01 00 00 00 localKeyID: E3 E8 08 75 10 C2 89 A6 8A 5C 81 B5 4B 0C 43 49 10 FC 00 BD The second localKeyID seen in the Bag attributes is actually the thumbprint. But extracting cert from the same pfx file using openssl command line utility (openssl pkcs12 -in input.pfx -clcerts -nokeys -out outcert.pem) results in single localKeyID attribute. Bag Attributes localKeyID: 01 00 00 00 Can anyone please tell me why there is an additional localKeyID with the first method? Thanks in Advance Shafeek