On Tue, Feb 20, 2018 at 12:23:14PM +0100, Jakob Bohm wrote:
> > I was wondering whether it was possible somehow to take a certificate and an
> > enciphered private key, both in .pem format, and combine them into a PKCS12
> > structure without knowing the key passphrase?
>
> In the commonly accepted variants of PKCS#12, private key and all the
> certificates are encrypted with the same password. PKCS#12 with
> different password for private key and certificates is not widely
> supported.
Do any of the PKCS#12 key derivation functions implement the same
password -> key algorithm as is used in OpenSSL's PEM password to
key mapping for private keys? I suspect that might be another
problem area.
What combination of the "-keypbe", "-macalg", and "-maciter" options
yields a key derivation function that matches PEM?
--
Viktor.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
