Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Mac verify error: invalid password? Converting .p12 to .pem using openssl pkcs12

Tags:

openssl

pkcs#12

I keep getting this error:

Mac verify error: invalid password?

For these two commands:

openssl pkcs12 -nocerts -out PushKey.pem -in moo.p12

openssl pkcs12 -nocerts -out PushKey.pem -in moo.p12 -nodes

moo.p12 is issued by apple for push notifications

like image 820
user1909186 Avatar asked Jul 11 '14 07:07

user1909186

People also ask

How do I add a pkcs12 password to a file?

openssl pkcs12 -in path.p12 -out newfile.crt.pem -clcerts -nokeys openssl pkcs12 -in path.p12 -out newfile.key.pem -nocerts -nodes To put the certificate and key in the same file use the following If you need to input the PKCS#12 password directly from the command line (e.g. a script), just add -passin pass:$ {PASSWORD}:

Why can’t I open pkcs12 files on GitHub?

Already on GitHub? Sign in to your account If you have a PKCS#12 file which is not protected with a password, and which does not have a MAC entry, opening the file will work on Windows but fails on Linux and Mac (which use OpenSSL). The following program reproduces the behavior:

Does Bouncycastle create PKCS #12 files without Mac entries?

Based on RFC7292, I believe that's valid, and BouncyCastle creates PKCS#12 files without MAC entries if no password is provided. This file was created by Bouncy Castle, which emits the MAC entry if it is not password protected The file loads correctly using OpenSSL if you specify the -nomacver flag

How many intermediate certificates can I have in a P12 file?

Our P12 file can contain a maximum of 10 intermediate certificates. To dump all of the information in a PKCS#12 file in PEM format, use this command: nodes: generates a new private key without using a passphrase (-nodes)

2 Answers

You should have a password that come with the pfx file.

Try to put the password in the command line like this. Then you'll get both the private key and certificate in pem format:

openssl pkcs12 -nocerts -out PushKey.pem -in moo.p12 -nodes -password pass:<mypassword>
like image 97
xelat Avatar answered Oct 16 '22 18:10

xelat

Note: as already said, you should have a password that come with the pfx file.

In case they have not shared with you any password, maybe the password is just an empty one. In this case, try with -passin pass: to express an empty password.

Example:

openssl pkcs12 -in input.p12 -out output.pem -nodes -passin pass:

Source:

https://stackoverflow.com/a/71584593/3451846

like image 2
Valerio Bozz Avatar answered Oct 16 '22 18:10

Valerio Bozz
Sign in to Comment

Related questions

How to generate a RSA keyPair with a Privatekey encrypted with password?
linking with openssl lib statically
How to fix SSL issue SSL_CTX_use_certificate : ca md too weak on Python Zeep
Tutorial on Using OpenSSL with pthreads [closed]
Push Notification in PHP using PEM file
OpenSSL - check on what engine is a function called and if hardware is really used?
Node.js 10 HTTPS server is rejecting connections
How to Install M2crypto on Windows
OpenSSL Ignore Self-signed certificate error
X.509 certificate: Is it a good idea (or bad) to add localhost in Subject Alternative Name?
SSL Error Certificate subject name does not match target host for github.com
What can explain heap corruption on a call to free()?
400 Bad Request: The SSL certificate error
what is the difference between X509_STORE and X509_STORE_CTX .?
How to do AES decryption using OpenSSL
openssl/ssl.h not found but installed with homebrew
Does OpenSSL really need a path to openssl.conf?
Extract private key and certificate from kpcs7 (.p7b) file
How to specify CA private key password for client certificate creation using OpenSSL
OpenSSL::SSL_library_init() memory leak

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!