Hello, I have a certificate and private key file in the encrypted .p12 file format (I have the password for the file). I need to use it in the function PKCS7_sign, which assumes certificates in standard .pem format (at least the PHP version which I use). So what is basically need is to convert the .p12 file to the .pem file. That should be quite easy, just running command openssl pkcs12 -in mycert.p12 -out mycert.pem. This actually creates the .pem file, after I enter import password and then password to encrypt key in PEM file (which I suppose does not need to be the same as import password, but it has no effect whatever the password is). So I have the PEM file. It contains three certificates and one private key. The certificates are two from the company that issued the certificate, my certificate itself and corresponding private key. The certificates and key are stored in the file in the order described. But when I want to use the pem file, OpenSSL gives me some weird error messages, which changes from time to time (let's say randomly, each try other message). The messages are:
error:2108907F:PKCS7 routines:PKCS7_sign_add_signer:private key does not match certificate error:21074099:PKCS7 routines:PKCS7_sign:pkcs7 add signer error error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch I generally know what the messages means, the problem is, that the certificate in the pem file matches the key in the file, althrough OpenSSL thinks it does not. Any idea where can be any error or how to debug this issue more? Any help would be appreciated. Michal K. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [email protected]
