I am using OpenSLL to extract the private keys from my IIS Key Backup files.
I am able to accomplish this fine except for certain servers we have. These
servers keys/certs are marked as OFX (Financial Exchange). These are a
special type of key/cert that you have to specificly request from Verisign ,
etc.. When I try to extract from these files I am getting the same error
that I get if I use a wrong password.
unable to load key
207:error:0D08C007:asn1 encoding routines:D2I_NETSCAPE_PKEY:expecting an
asn1 se
quence:n_pkey.c:311:address=167888280 offset=0
207:error:0D08E08B:asn1 encoding routines:d2i_Netscape_RSA_2:unable to
decode rs
a private key:n_pkey.c:268:
207:error:0D08D06F:asn1 encoding routines:d2i_Netscape_RSA:decoding
error:n_pkey
.c:2450:address=167873496 offset=17
I am guessing that there is a string that marks the type of key/cert and
openssl is not recognizing the code for OFX when it unencrypts / validates
the file. It checks the info and does not find an expected string so thinks
the passowrd/unencrypt is bad.. This is pure speculation on my part.
Does anyone have any idea if this is what is going on, and more importantly
a way to fix / workaround it?
C. Michael Tipton
BB&T Online Banking Services
Client Server Systems Analyst
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
