I made some progress. The call to PKCS12_parse succeeded, but the pkey returned was NULL. Please see below where I indicated how I created this .p12 file. I wonder why the PKCS12_parse command can't read its private key. I keep suspecting on permissions, but they seem ok - this app is running as cgi. Any suggestions are appreciated. Dirce
> Hello, > > I am maintaining a piece of code that calls PKCS12_parse. It worked with > an older version of openssl (0.9.8m), but it is not working with version > 1.0.0 > Here are some clips: > > X509 *cert = NULL; > BIO *in = NULL; > STACK_OF(X509) *ca_certs = NULL; > PKCS12 *p12 = NULL; > EVP_PKEY *pkey = NULL; > char pass[PEM_BUFSIZE]; > > strcpy(pass, exportpw.c_str()); // I verified that the password is correct > > p12 = d2i_PKCS12_bio(in, NULL); > > if (!(PKCS12_parse(p12, pass, &pkey, &cert, &ca_certs))) > > I created the pkcs12 file with: > openssl req -new -x509 -days 365 -keyout new.pem -out new.pem > openssl pkcs12 -export -in new.pem -out new.p12 -name "My certificate" > > I read in two places in the net that this code was fixed for version 1 and > above. Does anyone have any information on this? > > Thank you, > Dirce > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org