On Wednesday, January 14, 2015 at 11:27:50 AM UTC-5, John Dennis wrote: > On 01/14/2015 09:58 AM, Robert Daniels wrote: > > Trying as you suggested today, but ran into some other thing which is > > puzzling. > > > > When I call cert = find_cert_from_nickname(nn, pwd) I successfully pull the > > server cert. > > I then call find_key_by_any_cert(cert, certpassword) I get an object back > > (nss.nss.PrivateKey). > > > > So, presumably the PK exists for the cert. > > > > However, after calling pkcx12_data = nss.pkcs12_export(nn, pwd) it throws > > an exception with "Private Key could not be located and exported". > > > > So confused as why I can get a PrivateKey object, but not export it with > > the cert. > > Does it work using pk12util? > > > -- > John
Using pk12util as: pk12util -n <server cert nickname> -d sql:<nssdb dir> -o newfile.p12 I observe that the private key, server certs and CA chain are included in the p12 file. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
