I've been working with OpenSSL to try and convert an existing private key
generated by an old SSL software package and during the process of using
PKCS8 to decrypt from the "Encrypted Private Key" to the "RSA Private Key" I
get an error "No Octet String in PrivateKey". My understanding is that this
is due to some improper encoding, which OpenSSL is able to work around. I'm
able to successfully re-encrypt the resulting private key with a new
password and to combine that private key with the certificate chain using
PKCS12 into what appears to be a valid PKCS12 file, however, the resulting
file is not importable into IBM's DCM due to an "ASN1 encoding error". I
suspect that this may be due to the original encoding problem, although I'm
not certain. Assuming that's the case, can someone give me an explanation of
the "No Octet..." error and is OpenSSL capable of correcting the original
encoding problem either during the original decryption or at some other
point in the process or is that simply not possible.
thanks,
Bob
