I think I just verified that my certificate is sane. At the suggestion
of a co-worker, I prompted for my certificate private key password to
verify it was right with:
./openssl pkcs8 -in ~me/theoneinquestion.cert -inform PEM
It prompts with:
Enter Password:
and providing the known password yields successful behavior with the
privatekey displayed. But with my own program, I get a different
prompt:
Enter PEM pass phrase:
which gets me into the PEM_ASN1_read_bio routine to call "def_callback"
with apparent success. I then get back the password I typed, its length
of greater than zero, but I then get a null returned from the
M_PKCS8_decrypt routine and at that point it falls out with a zero
return (failed decryption). Is this thing broken, or am I (more likely)
doing something badly? My call to using the SSL_CTX_use_PrivateKey_file
facility from the Net::SSLeay.pm Perl facility looks as follows, and
seems to have reasonable input:
Net::SSLeay::CTX_use_PrivateKey_file($this->{ctx},
$this->{privatekey_filespec},
&Net::SSLeay::FILETYPE_PEM);
The privatekey_filespec item is the same filespec as the certificate
filespec, but I showed above this works with openssl directly, I think.
Please I'm dying for some enlightenment here. I'll RTF any M but I
haven't found an M which seems to be pertinent.
Sincerely, Xeno campanoli
--
Email: [EMAIL PROTECTED] (home home page:
http://www.aa.net/~xeno)
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
