Unlike PEM files, P12/PFX files are not base 64 encoded text files.
These directly have ASN.1 encoded content w/o line breaks.
On Thu November 12 2009, Michael S. Zick wrote:
On Thu November 12 2009, Midori Green wrote:
On Thu, Nov 12, 2009 at 7:01 AM, PMHager wrote:
Just a suggestion
Might be this can help you to solve the issue: In the attached gif is
the ASN.1 decoded content of the PFX (upper part) and the decrypted
content of the pkcs8ShroudedKeyBag's octet string (lower part).
A question regarding the Mac import attempt: Does the error occur
before or after it asks
Hi,
I want to port few MS Crypto Api's on Linux.
Here are api's which i want to port.
CryptSetKeyParam
CryptDecrypt
CryptEncrypt
CryptGetKeyParam
CryptHashData
CryptCreateHash
I want to use the same parameters used for encryption and decryption
on windows.
For e.g.
CryptDecrypt uses
Hi ALL ,
I tried to build openssl-1.0.0-beta4 version of Openssl for AIX . I am
getting error while building .
I have followed the following step.
1. ./Configure -DSSL_ALLOW_ADH --prefix=/usr --openssldir=/var/ssl
no-idea no-rc5 no-ec no-symlinks shared threads aix-cc
Configuring for
Hi,
I want to port few MS Crypto Api's on Linux.
Here are api's which i want to port.
CryptSetKeyParam
CryptDecrypt
CryptEncrypt
CryptGetKeyParam
I want to use the same parameters used for encryption and decryption
on windows.
For e.g.
CryptDecrypt uses parameters:
hkey ---key to use
Hi all,
if certificates and associated keys are stored on HW (Sun crypto card for
example), is there a way in openssl to specify the card as the location of
these certificates/kets?
It appears from the methods below, the openSSL only takes filesystem directory
paths and file names as input
Hi All,
I am trying to run the NTP Daemon source code (ntp-4.2.4p7.tar.gz) with OpenSSL
(Win32OpenSSL-0_9_8k.exe) . The application ntpd.exe as well as ntp_keygen.exe
crashes while running.
I have debugged the source code and found that the crash is happening with the
calls
Might be this can help you to solve the issue: In the attached gif is
the ASN.1 decoded content of the PFX (upper part) and the decrypted
content of the pkcs8ShroudedKeyBag's octet string (lower part).
A question regarding the Mac import attempt: Does the error occur
before or after it asks
Hmmm...
Doing some testing... In attempting to import the midori-test.p12 file you've
provided, we are seeing a message: 'The contents of this item cannot be
retrieved' consistent with an unreadable cert.
We do not ever see the: CSSMERR_CL_UNKNOWN_FORMAT message you report.
This is using
On Fri, Nov 13, 2009, Midori Green wrote:
Deae Lou and Dr. Henson:
I would appreciate it, if Dr. Henson, you could examine the attached
file, and see if it possible to determine if OpenSSL can do the reverse.
(Take a existing RSA private key and create a PKCS12 file for it
without an
But again, we have no trouble generating the combined key and cert, into one
file, and importing into Mac keychain (or Windows, or Linux, or Unix..) All
this is on OpenSSL 0.9.8k or 'l'.
Midori, does your problem on Mac go away if you attempt import the combined
key/cert file?
(I guess I
Hi ALL,
Did any one experience same build error ? Is there any solution for
this problem ? Please Help.
Thanks In advance
Joshi
On Fri, Nov 13, 2009 at 6:31 PM, joshi chandra
joshichandran...@gmail.com wrote:
Hi ALL ,
I tried to build openssl-1.0.0-beta4 version of Openssl for AIX . I am
Ger Hobbelt g...@hobbelt.com wrote:
Odd question maybe, but does the API call slowdown too when traversing
other heaps (which carry fewer items)?
Yes. This surprised me, but Heap32Next takes the same amount of time
to execute when traversing the 2nd heaplist (which has 15 items) as it
does
Mansour Dagher wrote:
Hi all,
if certificates and associated keys are stored on HW (Sun crypto card for
example), is there a way in openssl to specify the card as the location of
these certificates/kets?
It appears from the methods below, the openSSL only takes filesystem directory
paths
On Fri, Nov 13, 2009, joshi chandran wrote:
Hi ALL,
Did any one experience same build error ? Is there any solution for
this problem ? Please Help.
Thanks In advance
making depend in crypto/ts...
${TOP}/util/domd ${TOP} -MD makedepend -- -DOPENSSL_THREADS
-qthreaded
It appears that fipsld is fairly unusable in its current state, i found
the 3 following errors with it do far.
1) fails to link shared libs with g++
2) fails to link shared libs that link with other shared libs
3) fails to link exeucutable that links to other shared libs.
4) fipsld requires
On Fri, Nov 13, 2009 at 6:34 PM, James Baker j...@j-baker.org wrote:
[...]
Each and every call takes the same long amount of time. To me, this
indicates that the time spent is not actually spent *finding* the next
heap entry (as if we were traversing a linked list to get to our
destination),
But for what it's worth, we've been using our p12 certs for some time now, well
before Snow Leopard's release.
I've only included the version for your reference.
Have you tried to simply re-generate the pem-encoded cert, then the p12 cert
_and_ key bundle again?
openssl pkcs12 -export
You need OpenSSL 1.0.0 at least to create PKCS#12 files without certificates,
this should work:
openssl pkcs12 -export -inkey key.pem -nocerts -out key.p12
Thank you Dr. Henson, I downloaded and installed openssl 1.0.0-beta4
and was able to successful create a private key only PKCS12
Hi there;
Since you have narrowed the problem down to something in your
certificate, and, since certificates are by nature 'public' files, can
you perhaps post the certificate from one of the failing PKCS#12 files
here, which would allow folks to perhaps help you out more?
(It may be that
Hi Stephen,
1. I have not installed Openssl 0.9.7 version of openssl in the system.
2. make depend is also giving error
+ 0 Makefile 1 Makefile.new
+ RC=0
+ mv Makefile.new Makefile
+ rm ../krb5.h
+ exit 0
making depend in engines...
+ TOP=..
+ shift
+ [ -MD = -MD ]
+ shift
+
Hi Stephen,
1. I have not installed Openssl 0.9.7 version of openssl in the system.
2. make depend is giving following error
+ 0 Makefile 1 Makefile.new
+ RC=0
+ mv Makefile.new Makefile
+ rm ../krb5.h
+ exit 0
making depend in engines...
+ TOP=..
+ shift
+ [ -MD = -MD ]
+ shift
+
22 matches
Mail list logo