[openssl-users] Combining certificate and key in PEM format into a P12 file without knowing the key password?

Tobias Dussa (SCC) tobias.dussa at kit.edu
Tue Feb 20 16:35:43 UTC 2018


Hi,

On Tue, Feb 20, 2018 at 01:27:51PM +0000, Viktor Dukhovni wrote:
> > In the commonly accepted variants of PKCS#12, private key and all the
> > certificates are encrypted with the same password.  PKCS#12 with
> > different password for private key and certificates is not widely
> > supported.
> Do any of the PKCS#12 key derivation functions implement the same
> password -> key algorithm as is used in OpenSSL's PEM password to
> key mapping for private keys?  I suspect that might be another
> problem area.

Uh...  Good point.  Didn't have that on the radar actually.

Thanks!

Cheers,
Toby.
-- 
We're Germans and we use Unix.  That's a combination of two demographic
groups known to have no sense of humour whatsoever.
                      ---Hanno Mueller in de.comp.os.unix.programming
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6312 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180220/cac09b52/attachment-0001.bin>


More information about the openssl-users mailing list