Super User Stack Exchange
Super User Stack Exchange

Questions tagged [pkcs]

17 questions
16
votes
1 answer

How to quickly identify SSH private key file formats?

Triggered today by Remote Desktop Manager, whose SSH Key Generator offered to save a private key in OpenSSH format, but then proceeded to store it in PKCS#1 / OpenSSL format, while using the same random *.pri file extension for two of the offered…
Reto Höhener
  • 1,563
  • 6
  • 16
  • 30
5
votes
1 answer

How to import an SSH ed25519 key to GPG?

I have an SSH ed25519 key which I would like to import to GPG as an Authentication Subkey. There doesn't appear to be any documentation available on how to do this.
tcyrus
  • 55
  • 6
3
votes
1 answer

gpgsm: Cannot import private key

For signing emails, I requested an S/MIME certificate using the German academic DFN service. AT the end of this process, I get a .p12 file (PKCS12). I can convert this file to PEM using openssl pkcs12 -in TorstenBronger.p12 -nodes -out…
Torsten Bronger
  • 452
  • 5
  • 19
2
votes
1 answer

openssl pkcs12 keeps removing the PEM passphrase from keystore's entry?

OpenSSL 1.0.1e 11 Feb 2013 Generating a self-signed certificate: openssl req -x509 -newkey rsa:1024 -keyout key.pem -out cert.pem -days 365 During the process a PEM passphrase is requested: Enter PEM pass phrase: Verifying - Enter PEM pass…
XXL
  • 1,469
  • 4
  • 20
  • 34
2
votes
1 answer

How to produce p12 file with RSA private key and self-signed certificate?

I believe that the exact procedure below worked for me two weeks ago, but now it doesn't. I start with an RSA private key rsa.pem and generate my own self-signed certificate: openssl req -new -x509 -key rsa.pem -out rsa.cer then I try to create a…
FullStack
  • 209
  • 1
  • 3
  • 6
1
vote
1 answer

Can't S/MIME sign using OpenSSL even if "verify" suceeds

I have a client certificate in Chrome, that I used for logging into StartSSL. I exported it using pk12util to certfile.p12. Now I want to use it for signing with S/MIME. I converted the p12 file to pem. First, I verify that the certificate will work…
Janus Troelsen
  • 2,238
  • 2
  • 22
  • 33
1
vote
1 answer

Use PKCS#11 for SSH connection to the server to make token dependency

I have configured PKCS#11 remote ssh connection on my Ubuntu server such that users can login to it using a hardware token, as described here. However, in this condition, the user can login to the server and remove the token and give it to someone…
sajad
  • 175
  • 1
  • 1
  • 6
1
vote
1 answer

How to create a veracrypt volume on the command line not interactively with a keyfile stored on a PKCS#11 token

I am trying to create a new veracrypt container on the command line in a completely interactive fashion. To make things more complicated, I need to store a keyfile on a PKCS#11 token. From what I understood, I first need to import the keyfile to the…
mat
  • 816
  • 1
  • 9
  • 19
1
vote
0 answers

Windows 10 Logon using smartcard - Missing Driver

I am trying to log in to a domain account using smart card work but was not successful. I have the following environment setup for the test. Client Laptop (Lenovo P50) Windows 10 Fall Creator Windows Update: Up to date Installed the smart card…
Stanley
  • 11
  • 1
  • 3
1
vote
0 answers

Why is openssl pkcs12 export adding extra root anchor cert, duplicating server cert on Mac OS X

[Originally posted on Slack Overflow, but comment thread complained about inappropriate venue.] We're working on switching from StartCom SSL Certificates to Let's Encrypt, and trying to get it set up to automatically work with macOS Server + Apache…
Nick Williams
  • 135
  • 1
  • 4
1
vote
1 answer

How can I extract many P7M (pkcs#7) signed files?

I have many P7M files and I need to extract them to unsigned original file, I found some free tools but with these I have to extract each one and I want something to do a massive extraction or a command line to use in a batch command. Can I find…
Tobia
  • 2,203
  • 13
  • 41
  • 64
0
votes
1 answer

How to digital sign Excel document with a P12 file

I have a few Excel documents we need to sign at my job. Also some PDF ones. I've looked everywhere and all sites shows an "easy" answer but all lead to the same: obtain a digital id from microsoft. On their site they say "if you don't want to buy a…
alvaroc
  • 253
  • 4
  • 9
0
votes
0 answers

Smart card issue with OpenSC (pklogin_finder debug) only on CentOS

I'm trying to use a smart card on CentOS but I'm stuck. I'm using OpenSC, and I need to implement a special module to use my smart card (libgtop11dotnet). It doesn't work on CentOS, but I tested on Ubuntu and it works. I changed opensc.conf and…
Lesuno
  • 11
  • 4
0
votes
0 answers

Smartcard Client SLL Firefox no selection

I'm trying for days now to setup client ssl with apache and firefox using my hsm smartcard. I generated one certificate for every page I'm trying to set up. The smartcard shows up in firefox and displays all certificates in the certificate manager…
Stefan
  • 13
  • 4
0
votes
1 answer

Athena ID Protect v2 Token triggers Select Card dialog on PKCS#11 C_Login

I am playing around with an Athena IDProtect v2 Token from NXP (the one compatible with the IDProtect Laser product line) on Windows 10 Pro (x64 german). After installing the Athena client middle ware 7.10.00 (x64) - with and without setting the…
eckes
  • 1,208
  • 14
  • 20
1
2