-
Bug
-
Resolution: Unresolved
-
Minor
-
None
-
rhel-10.1
-
None
-
No
-
Low
-
rhel-security-crypto-spades
-
None
-
False
-
False
-
-
No
-
None
-
None
-
None
-
Unspecified Release Note Type - Unknown
-
Unspecified
-
Unspecified
-
Unspecified
-
None
When gnutls-3.8.10-2.el10.x86_64 is used to create a PKCS#12 file:
certtool --load-certificate ca/cert.pem --load-privkey ca/key.pem --to-p12 --p12-name ca --outder --outfile ca.p12 --password ''
the resulting file cannot be imported by NSS, as it errors out:
pk12util: PKCS12 decode not verified: SEC_ERROR_BAD_DER: security library: improperly formatted DER-encoded message.
and with OpenSSL:
... 9ViypE0hAUVmEQ6Nm+YLVHvk9seQsiwQnPsfGP/6BUFhQ1B2CYxfqdr5arxgZEEk SJd8TIj/bs86LFRmB0w+1PoR3aWDMT4o/VGPVMKTTQFjw1PA9SCr/ksSdfQYJ7Y4 ZyV3/2zUa/Vu3UN2P5fPzSoJDBJmcquxIyVmlrDC8zJshOgAAjh4fpKrwgIbMW2H nvMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNEREZIA== -----END CERTIFICATE----- Error outputting keys and certificates 8082D401DE7F0000:error:068000A8:asn1 encoding routines:asn1_check_tlen:wrong tag:crypto/asn1/tasn_dec.c:1194: 8082D401DE7F0000:error:0688010A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error:crypto/asn1/tasn_dec.c:349:Type=X509_ALGOR 8082D401DE7F0000:error:0688010A:asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error:crypto/asn1/tasn_dec.c:685:Field=algor, Type=X509_SIG 8082D401DE7F0000:error:0688010A:asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error:crypto/asn1/tasn_dec.c:685: 8082D401DE7F0000:error:0688010A:asn1 encoding routines:asn1_template_ex_d2i:nested asn1 error:crypto/asn1/tasn_dec.c:537:Field=value.shkeybag, Type=PKCS12_SAFEBAG 8082D401DE7F0000:error:0688010A:asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error:crypto/asn1/tasn_dec.c:654: 8082D401DE7F0000:error:0680006E:asn1 encoding routines:ASN1_item_unpack_ex:decode error:crypto/asn1/asn_pack.c:72: