[openssl-users] [SOLVED?] Re: openssl 1.0.2h pkcs12 export fails @ "digital envelope routines:EVP_PBE_CipherInit:unknown cipher"
PGNet Dev
pgnet.dev at gmail.com
Tue Jun 28 18:03:27 UTC 2016
Reading @
https://www.openssl.org/docs/manmaster/apps/pkcs12.html
"By default the private key is encrypted using triple DES and the
certificate using 40 bit RC2."
which clearly implies, with RC2 disabled (it is), that'll cause a
problem in default config.
Adding the options
openssl pkcs12 -export \
>>> -descert
fixes the problem, insofar as no error's caused on export.
Would code to enable/use "-descert" as default cert, in the case of RC2
disabled, be called for?
Or, perhaps with RC2 considered 'weak' these days, worhtwhile to make
"-descert" the default?
More information about the openssl-users
mailing list