Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
The PKCS #12 operation failed for unknown reasons
3,479 views
Skip to first unread message
VictorMiller
Feb 24, 2012, 10:26:37 AM2/24/12
to mozilla-dev...@lists.mozilla.org
I have a new PKI certificate as a .p12 file which I want to import
into firefox and thunderbird on a RedHat system. However, every time
I try an import I get the above error message. If I log onto an MS
Windows machine I can get IE to import it without a problem. I've
tried all sorts of things, such as moving all of my .db files
in .thunderbird out of the way, and letting thunderbird create new
ones. I've even tried moving my whole .thunderbird directory out of
the way. Nothing works. Here's a strange thing -- even if I
deliberately give the wrong password for the encrypted .p12 file I
still get the same stupid error message. Any suggestions as to how to
debug this?
Victor
into firefox and thunderbird on a RedHat system. However, every time
I try an import I get the above error message. If I log onto an MS
Windows machine I can get IE to import it without a problem. I've
tried all sorts of things, such as moving all of my .db files
in .thunderbird out of the way, and letting thunderbird create new
ones. I've even tried moving my whole .thunderbird directory out of
the way. Nothing works. Here's a strange thing -- even if I
deliberately give the wrong password for the encrypted .p12 file I
still get the same stupid error message. Any suggestions as to how to
debug this?
Victor
Nelson B Bolyard
Feb 24, 2012, 7:57:47 PM2/24/12
to mozilla's crypto code discussion list
program pk12util can confirm or refute this. If that's it, the solution is
to create a new .p12 file with the same certs/keys and a printable ASCII
friendly name.
--
12345678901234567890123456789012345678901234567890123456789012345678901234567890
VictorMiller
Feb 27, 2012, 12:18:39 PM2/27/12
to mozilla-dev...@lists.mozilla.org
Thanks, I ran pk12util. It lists three certificates in the .p12
file. Two of them have a "Friendly name" listed before the
certificate, but the third doesn't. That one's for "Signature
Algorithm: PKCS #1 SHA-1 With RSA Encryption". If I want to add a
friendly name, how do I do it?
Victor
file. Two of them have a "Friendly name" listed before the
certificate, but the third doesn't. That one's for "Signature
Algorithm: PKCS #1 SHA-1 With RSA Encryption". If I want to add a
friendly name, how do I do it?
Victor
VictorMiller
Feb 27, 2012, 12:47:04 PM2/27/12
to mozilla-dev...@lists.mozilla.org
On Feb 24, 7:57 pm, Nelson B Bolyard <nel...@bolyard.me> wrote:
using pkutil -i I get the following error message:
PKCS12 decode import bags failed: Unable to find the certificate or
key necessary for authentication.
I've checked that I have the certificates for all the right
authorities (I've checked with my help desk to find out which ones),
and that in FF and thunderbird I have all the boxes checked. This is
really maddening.
Victor
Nelson B Bolyard
Feb 27, 2012, 9:33:59 PM2/27/12
to mozilla's crypto code discussion list
On 2012/02/27 09:47 PDT, VictorMiller wrote:
>
> On Feb 24, 7:57 pm, Nelson B Bolyard <nel...@bolyard.me> wrote:
>
> On Feb 24, 7:57 pm, Nelson B Bolyard <nel...@bolyard.me> wrote:
> Here's some more information. When I try to import the certificate
> using pkutil -i I get the following error message:
>
> PKCS12 decode import bags failed: Unable to find the certificate or
> key necessary for authentication.
Sounds like your p12 file doesn't contain the necessary private key.
> using pkutil -i I get the following error message:
>
> PKCS12 decode import bags failed: Unable to find the certificate or
> key necessary for authentication.
> I've checked that I have the certificates for all the right
> authorities (I've checked with my help desk to find out which ones),
> and that in FF and thunderbird I have all the boxes checked. This is
> really maddening.
>
> Victor
12345678901234567890123456789012345678901234567890123456789012345678901234567890
0 new messages