pkcs#12

I generate a certificate using the keytool command: keytool -genkeypair -alias myRSAKey -keyalg RSA -keysize 1024 -keystore test.p12 -storepass test -storetype pkcs12 Then if I try to load it using java security API, after getting the file as a byte[] : KeyStore ks = KeyStore.getInstance("PKCS12"); try{ ks.load(new ByteArrayInputStream(data), "test".toCharArray()) } catch (Exception e){ ... } I get a DerInputStream.getLength(): lengthTag=127, too big exception. What is wrong? I had this problem and I've searched the depths of google and still couldn't find the answer. After some days battling

How can I import a .p12 certificate from the classpath into the java keystore? First I used the InstallCert https://code.google.com/p/java-use-examples/source/browse/trunk/src/com/aw/ad/util/InstallCert.java and did some changes so the server certificate will be imported into the keystore in the java install directory. This works fine but now I want to load a certificate from my classpath. EDIT: I just use a .cer certificate, see next answer Pali The answer: InputStream certIn = ClassLoader.class.getResourceAsStream("/package/myCert.cer"); final char sep = File.separatorChar; File dir = new

I am working on an Android app that requires Client Certificate Authentication (with PKCS 12 files). Following the deprecation of all that's apache.http.* , we have started a pretty big work of refactoring on our network layer, and we have decided to go with OkHttp as a replacement, and so far I like that very much. However, I haven't found any other way to handle client certificate auth without using SSLSocketFactory , with OkHttp or anything else for that matter. So what would be the best course of action in this particular case? Is there another way with OkHttp to handle this sort of

I have a shed load of 'aps_developer_identity.cer' certificates exported from iPhone Developer portal. They were all created using the same Certificate Signing Request and (thus) the same private key. If I export just the private key from the Apple Key Chain is it then possible to take the private key and the 'aps_developer_identity.cer' and use openssl to create merged p12/pkcs#12 certificate that I can use on my (Windows) server. Just to be clear, I know how to get a merged p12 from the Key Chain by exporting both the private key and certificate together, but I want to remove all the extra

Using openssl , I've created a private key as follows: openssl genrsa -out myKey.pem Then, to generate the csr demanded by the CA, I've executed the following: openssl req -new -key myKey.pem -out cert.csr The CA responded with a certificate which I stored in a file named myCert.cer I'd now like to bundle the necessary components (private key, public key(?) and certificate) into a single .p12 . To do so I've run the following: openssl pkcs12 -export -out keyStore.p12 -inkey myKey.pem -in myCert.cer but I'm getting the following error message: No certificate matches private key How can I

How to create a digital certificate and export to .p12 file in PHP? I want the .p12 file to have private key included. And also want to check whether the key pair is already issued (logged in database). I found a function called 'openssl_pkcs12_export_to_file' but don't know where to start. Seems that I need an X509 cert and a private key first. <?php error_reporting(-1); function dump($Var) { echo "<hr/><pre>"; var_dump($Var); echo "</pre><hr/>"; } function check_errors() { echo "<hr/><pre>"; $Count = 0; while (($e=openssl_error_string())!==false) { echo $e."<br>"; $Count++; } if ($Count==0)

Can anybody tell me how to use PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12); int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca); any documenatation reference will also work. Without error-checking: FILE *p12_file; PKCS12 *p12_cert = NULL; EVP_PKEY *pkey; X509 *x509_cert; STACK_OF(X509) *additional_certs = NULL; p12_file = fopen("foo.p12", "rb"); d2i_PKCS12_fp(p12_file, &p12_cert); fclose(p12_file); PKCS12_parse(p12_cert, "password", &pkey, &x509_cert, &additional_certs); The private key is now in pkey , the certificate in x509_cert and any

Currently I have a .PEM file containing only a private key. I need to convert this file into a .PKCS12 file. Currently I'm trying to use openssl to achieve this and I'm running into some problems. The .PEM file I'm using is of the form: -----BEGIN RSA PRIVATE KEY----- Some key -----END RSA PRIVATE KEY----- I use the following Openssl command to attempt to convert this .PEM file into a .PKCS12: openssl pkcs12 -export -inkey file.pem -out file.p12 The console then hangs with the message: Loading 'screen' into random state -done What am Im doing wrong? Any help would be appriciated. beaudet I ran