You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
PKCS#12/PFX import fails with a a password error if the PFX has no MAC.
The password is correct so this error is confusing. The issuer/CA was Sectigo - sorry I don't know if that's their default export format or if someone picked an obscure format before getting it to me.
I tried XCA 2.4.0 and 2.8.0. Win64.msi
older openssl verisons fail with Mac verify error: invalid password? but work with -nomacver
openssl 3.0.12 works without -nomacver but prints a warning
$ openssl version
OpenSSL 3.0.12 24 Oct 2023 (Library: OpenSSL 3.0.12 24 Oct 2023)
$ openssl pkcs12 -info -in in.pfx -noenc -passin file:in.txt
Warning: MAC is absent!
PKCS7 Data
Certificate bag
Bag Attributes
localKeyID: XX XX
subject=CN = foo.com
issuer=C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
-----BEGIN CERTIFICATE-----
xxx
-----END CERTIFICATE-----
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048
Bag Attributes
localKeyID: XX XX
Key Attributes: <No Attributes>
-----BEGIN PRIVATE KEY-----
xxx
-----END PRIVATE KEY-----
The text was updated successfully, but these errors were encountered:
PKCS#12/PFX import fails with a a password error if the PFX has no MAC.
The password is correct so this error is confusing. The issuer/CA was Sectigo - sorry I don't know if that's their default export format or if someone picked an obscure format before getting it to me.
I tried XCA 2.4.0 and 2.8.0. Win64.msi
older openssl verisons fail with
Mac verify error: invalid password?but work with -nomacveropenssl 3.0.12 works without -nomacver but prints a warning
The text was updated successfully, but these errors were encountered: