Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Import certificate on windows server 2012 fail

Tags:

x509certificate

p12

windows-server-2012-r2

I have a p12 file (RS256), when I open through Certificate Import Wizard on windows 10 and follow steps, windows could read the file with a password, but when it move to windows server 2012 r2 and do the same steps, windows fails to read the file because the password entered is not correct. please help, why I can't import p12 to windows server 2012 r2

Certificate Import Wizard

UPDATE

the p12 file converted from the jks file using keytool on windows 10, I tried to re-convert it on windows server 2012 but still, it can not reads the file because the password is incorrect (I'm pretty sure the password is entered correctly), could you suggest me how to convert jks file to p12 with sha256withRSA correctly that running on windows server 2012 r2?

this command successfully generated but imported fail:

keytool -importkeystore -srckeystore e:\file.jks -srcstoretype JKS -deststoretype PKCS12 -destkeystore e:\file.p12 -sigalg RS256
keytool -importkeystore -srckeystore e:\file.jks -srcstoretype JKS -deststoretype PKCS12 -destkeystore e:\file.p12 -sigalg sha256withRSA
like image 326
staxoverflow Avatar asked Nov 08 '25 02:11

staxoverflow

1 Answers

If the installation with the certmgr.msc fails, then the .p12 file probably cannot be imported into Windows 2012 using the built-in Windows 2012 tools. To check that: "For each of your PKCS #12 files, you could try the following: issue the command certutil -asn | findstr /i "pb aes des sha" (replacing "" with the name of the PKCS #12 file).

If the output starts like:

| | | | | ; 1.2.840.113549.1.12.1.3 szOID_PKCS_12_pbeWithSHA1And3KeyTripleDES

then it should be possible to import the PKCS #12 file into Windows 2016.

If the output starts like:

| | | | | ; 1.2.840.113549.1.5.13 szOID_PKCS_5_PBES2 | | | | | | ; 1.2.840.113549.1.5.12 szOID_PKCS_5_PBKDF2 | | | | | ; 2.16.840.1.101.3.4.1.42 aes256

or similar, then the PKCS #12 file probably cannot be imported into Windows 2016 using the built-in Windows 2016 tools. You will have to recreate the PKCS #12 file using TripleDES and SHA1." - see thread: https://learn.microsoft.com/en-us/answers/questions/518605/importing-a-pkcs12-to-windows-server-2016.html

You have to recreate the .p12 as in: https://kb.globalscape.com/Knowledgebase/11040/Converting-an-Incompatible-PKCS12-Format-File-to-a-Compatible-PKCS12

like image 99
Danut Radoaica Avatar answered Nov 11 '25 14:11

Danut Radoaica

Sign in to Comment

Related questions

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!