Reading @
https://www.openssl.org/docs/manmaster/apps/pkcs12.html
"By default the private key is encrypted using triple DES and the
certificate using 40 bit RC2."
which clearly implies, with RC2 disabled (it is), that'll cause a
problem in default config.
Adding the options
openssl pkcs12 -export \
-descert
fixes the problem, insofar as no error's caused on export.
Would code to enable/use "-descert" as default cert, in the case of RC2
disabled, be called for?
Or, perhaps with RC2 considered 'weak' these days, worhtwhile to make
"-descert" the default?
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users