On Mon, Mar 13, 2017 at 02:27:39AM -0700, Gary L Peskin wrote: > I exported a certificate and corresponding private key in base 64 encoded > DER format For the record, there is no such thing as base64-encoded DER format. DER a binary encoding of ASN.1. A format would be particular ASN.1 structure, which can be encoded as DER, or in many cases as PEM. OpenSSL has no PEM encoding for PKCS#12 objects. These are supported only in DER-encoded form. > I tried to read it using OpenSSL 1.0.2k You gave it a PEM header that would be appropriate for a single X.509 certificate, but the enclosed object is PKCS#12, not X.509. > 15956:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong > tag:.\crypto\asn1\tasn_dec.c:1199: This is expected. I'm attaching the corresponding binary PKCS#12 file. You should be able to decode that with the appropriate passphrase. -- Viktor.
Attachment:
CACTEST_CA.p12
Description: Binary data
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
