On Tue, Feb 20, 2018 at 12:23:14PM +0100, Jakob Bohm wrote: > > I was wondering whether it was possible somehow to take a certificate and an > > enciphered private key, both in .pem format, and combine them into a PKCS12 > > structure without knowing the key passphrase? > > In the commonly accepted variants of PKCS#12, private key and all the > certificates are encrypted with the same password. PKCS#12 with > different password for private key and certificates is not widely > supported. Do any of the PKCS#12 key derivation functions implement the same password -> key algorithm as is used in OpenSSL's PEM password to key mapping for private keys? I suspect that might be another problem area. What combination of the "-keypbe", "-macalg", and "-maciter" options yields a key derivation function that matches PEM? -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
