Re: The PKCS #12 operation failed for unknown reasons
Thanks, I ran pk12util. It lists three certificates in the .p12 file. Two of them have a Friendly name listed before the certificate, but the third doesn't. That one's for Signature Algorithm: PKCS #1 SHA-1 With RSA Encryption. If I want to add a friendly name, how do I do it? Victor On Feb 24, 7:57 pm, Nelson B Bolyard nel...@bolyard.me wrote: On 2012/02/24 07:26 PDT, VictorMiller wrote: I have a new PKI certificate as a .p12 file which I want to import into firefox and thunderbird on a RedHat system. However, every time I try an import I get the above error message. If I log onto an MS Windows machine I can get IE to import it without a problem. I've tried all sorts of things, such as moving all of my .db files in .thunderbird out of the way, and letting thunderbird create new ones. I've even tried moving my whole .thunderbird directory out of the way. Nothing works. Here's a strange thing -- even if I deliberately give the wrong password for the encrypted .p12 file I still get the same stupid error message. Any suggestions as to how to debug this? My guess is that your .p12 file has no friendly name in it. The utility program pk12util can confirm or refute this. If that's it, the solution is to create a new .p12 file with the same certs/keys and a printable ASCII friendly name. -- 12345678901234567890123456789012345678901234567890123456789012345678901234567890 -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: The PKCS #12 operation failed for unknown reasons
On Feb 24, 7:57 pm, Nelson B Bolyard nel...@bolyard.me wrote: On 2012/02/24 07:26 PDT, VictorMiller wrote: I have a new PKI certificate as a .p12 file which I want to import into firefox and thunderbird on a RedHat system. However, every time I try an import I get the above error message. If I log onto an MS Windows machine I can get IE to import it without a problem. I've tried all sorts of things, such as moving all of my .db files in .thunderbird out of the way, and letting thunderbird create new ones. I've even tried moving my whole .thunderbird directory out of the way. Nothing works. Here's a strange thing -- even if I deliberately give the wrong password for the encrypted .p12 file I still get the same stupid error message. Any suggestions as to how to debug this? My guess is that your .p12 file has no friendly name in it. The utility program pk12util can confirm or refute this. If that's it, the solution is to create a new .p12 file with the same certs/keys and a printable ASCII friendly name. -- 12345678901234567890123456789012345678901234567890123456789012345678901234567890 Here's some more information. When I try to import the certificate using pkutil -i I get the following error message: PKCS12 decode import bags failed: Unable to find the certificate or key necessary for authentication. I've checked that I have the certificates for all the right authorities (I've checked with my help desk to find out which ones), and that in FF and thunderbird I have all the boxes checked. This is really maddening. Victor -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: The PKCS #12 operation failed for unknown reasons
On 2012/02/27 09:47 PDT, VictorMiller wrote: On Feb 24, 7:57 pm, Nelson B Bolyard nel...@bolyard.me wrote: On 2012/02/24 07:26 PDT, VictorMiller wrote: I have a new PKI certificate as a .p12 file which I want to import into firefox and thunderbird on a RedHat system. However, every time I try an import I get the above error message. If I log onto an MS Windows machine I can get IE to import it without a problem. I've tried all sorts of things, such as moving all of my .db files in .thunderbird out of the way, and letting thunderbird create new ones. I've even tried moving my whole .thunderbird directory out of the way. Nothing works. Here's a strange thing -- even if I deliberately give the wrong password for the encrypted .p12 file I still get the same stupid error message. Any suggestions as to how to debug this? My guess is that your .p12 file has no friendly name in it. The utility program pk12util can confirm or refute this. If that's it, the solution is to create a new .p12 file with the same certs/keys and a printable ASCII friendly name. Here's some more information. When I try to import the certificate using pkutil -i I get the following error message: PKCS12 decode import bags failed: Unable to find the certificate or key necessary for authentication. Sounds like your p12 file doesn't contain the necessary private key. I've checked that I have the certificates for all the right authorities (I've checked with my help desk to find out which ones), and that in FF and thunderbird I have all the boxes checked. This is really maddening. Victor -- 12345678901234567890123456789012345678901234567890123456789012345678901234567890 -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
The PKCS #12 operation failed for unknown reasons
I have a new PKI certificate as a .p12 file which I want to import into firefox and thunderbird on a RedHat system. However, every time I try an import I get the above error message. If I log onto an MS Windows machine I can get IE to import it without a problem. I've tried all sorts of things, such as moving all of my .db files in .thunderbird out of the way, and letting thunderbird create new ones. I've even tried moving my whole .thunderbird directory out of the way. Nothing works. Here's a strange thing -- even if I deliberately give the wrong password for the encrypted .p12 file I still get the same stupid error message. Any suggestions as to how to debug this? Victor -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: The PKCS #12 operation failed for unknown reasons
On 2012/02/24 07:26 PDT, VictorMiller wrote: I have a new PKI certificate as a .p12 file which I want to import into firefox and thunderbird on a RedHat system. However, every time I try an import I get the above error message. If I log onto an MS Windows machine I can get IE to import it without a problem. I've tried all sorts of things, such as moving all of my .db files in .thunderbird out of the way, and letting thunderbird create new ones. I've even tried moving my whole .thunderbird directory out of the way. Nothing works. Here's a strange thing -- even if I deliberately give the wrong password for the encrypted .p12 file I still get the same stupid error message. Any suggestions as to how to debug this? My guess is that your .p12 file has no friendly name in it. The utility program pk12util can confirm or refute this. If that's it, the solution is to create a new .p12 file with the same certs/keys and a printable ASCII friendly name. -- 12345678901234567890123456789012345678901234567890123456789012345678901234567890 -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto