2
I have a Certificate in my account and need to export it to authenticate on a site - following these procedures: link. Only that on import in windows, it does not export along with the private key. How should I proceed? I have already performed the following procedure:
openssl pkcs12 -export -nokeys -in certificate.cer -out pkcs12.pfx
and it returns an error message:
96864:error:0D0C6070:asn1 encoding routines:Asn1_item_pack:ncode error:asn_pack. c:170: Unable to write 'Random state'
1
From what I understood from the last link, the command to generate the P12 was:
openssl pkcs12 -export -in client.crt -inkey client.key -out client.p12 -name "Whatever"
In the link itself, it says that the client’s private key also needs to be included. It lacked this command to include the private key and publish its. And just to confirm, the crt file or cer with the public certificate of the site needs to have the whole chain.
Solution
For this problem, the portecle.
Hello, I do not have a spare key. Therefore from use of -nokeys.
It may be necessary to generate one with openssl genrsa -out client.key 2048
You can use the tool portecle. You can generate the private key and import the certificates from the server. You can also export to P12 or to java Keystore.
using the openssl command, the following error occurred: Generating RSA private key, 2048 bit long modulus ....................++ ......++ Unable to write 'Random state' e is 65537 (0x10001)
There is a problem with the openssl command. Try to use the portecle, it is done in java and does not use openssl.
Ok, I used portecle. I created a new Keystore and import the cer into it.
Browser other questions tagged java certified openssl
You are not signed in. Login or sign up in order to post.
What is the error message ?
– Roknauta
96864:error:0D0C6070:asn1 encoding routines:Asn1_item_pack:Find error:asn_pack. c:170: Unable to write 'Random state'
– JulioCes
Edit your question and put the bug there please.
– Roknauta