Problems importing keys and certs in Android.

clement.legoffic at clement.legoffic at
Mon Mar 13 08:38:06 UTC 2023

Thank you for your answer, I am now able to install my p12 file.
The next problem is now using it.
I still use the same command lines as in the Makefile to make my cert and keys (pkcs12 command are now prefixed with “-legacy” option).
When I want to use my p12 client file on an Android file I get an error in adb logcat :

wpa_supplicant: TLS - SSL error: error:0900006e:PEM routines:OPENSSL_internal:NO_START_LINE

I have found some forums that talks about the format of the keys or certs, the fact is I am using the same Makefile as everyone does for freeradius’ certs.
Is there a workaround for this error in openssl ?

Thanks in advance for your help !

De : Erwann Abalea <erwann.abalea at>
Envoyé : vendredi 10 mars 2023 11:15
À : Le Goffic Clement <clement.legoffic at>
Cc : openssl-users at
Objet : Re: Problems importing keys and certs in Android.

Maybe these versions of Android can only handle the "legacy" algorithms?
Try adding the "-legacy" option when creating the PKCS#12 files.

On Fri, Mar 10, 2023 at 11:11 AM clement.legoffic at<mailto:clement.legoffic at> <clement.legoffic at<mailto:clement.legoffic at>> wrote:
I am using openssl to create my certificates for a 802.1X environnment with a freeradius server.
I use the freeradius Makefile to generate my keys and certs :<;!!BN3BN5aqUA!7oHKFONz_mQzi19g08SqWx0HXNHo73zc8e_3wzOvm7cmvHHrlNrE_ZPxGrs1j8ApofUkTcN09znNGna9Giln4Lqzl_3fDEQ$>
The Makefile works well and certificates too, I am able to authenticate to my Freeradius server with a embedded Linux device that has the ca cert and client cert installed.
I need to make my solution working with Android device.
So I use the p12 file generated by the Makefile on my Android phone (it contains the same priv key and certificates used by the embedded linux device)
The fact is that I cannot import my p12 file in either an Android 10 neither on an Android 13.
After asking the freeradius mailing list that told me the p12 file is working well, I was wondering if the error has already been encounter by openssl users
So, do you ever had problems importing p12 or cert/key file on android ?
Erwann Abalea.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the openssl-users mailing list