Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Keychain Access: Trouble importing .p12 certificate that has no password

I'm having trouble importing PKCS#12 certificates which have no password. If the .p12 file has a password, then the import works as expected. If it has no password, then after hitting enter on the password prompt a couple of times, it errors with "MAC verification failed during PKCS12 import (wrong password?)"


While normally putting private keys in a password-less .p12 is a Bad Thing(TM), in this case these certificates are only used to as one factor in two-factor authenticating web sites (the other factor being a password). The additional password on the private key seems overkill.


The .p12 file is generated with a command like:


openssl pkcs12 -export -out client.p12 -in client.crt -inkey client.key -certfile ca.crt -passout pass:


Is this a bug in OS X?


Is there some other way I can generate the certificate so Keychain Access will accept it?


Thanks!

dave

<><

Keychain Access-OTHER, Mac OS X (10.7.2)

Posted on Jan 5, 2012 12:06 PM

Reply

There are no replies.

Keychain Access: Trouble importing .p12 certificate that has no password

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.