Cannot import private key into gpgsm

Torsten Bronger bronger at
Fri Jun 10 20:44:04 CEST 2022


For signing emails, I requested an S/MIME certificate using the
German academic DFN service.  At the end of this process, I get a
.p12 file (PKCS12).  I can convert this file to PEM using

    openssl pkcs12 -in TorstenBronger.p12 -nodes -out /tmp/temp.pem

In the PEM file, I can see four certificates (my own and the chain)
and the private key.  But importing the .p12 file into gpgsm fails:

    $ gpgsm --import TorstenBronger.p12 
    gpgsm: data error at "data.objectidentifier", offset 67
    gpgsm: error at "bag-sequence", offset 49
    gpgsm: error parsing or decrypting the PKCS#12 file
    gpgsm: total number processed: 0

It does not matter whether or not I removed the password from the
key using the roundtripping described in  Moreover, neither nor importing into and re-exporting
from Firefox change anything.  The error message is the same

Writing only the certificates to a PEM, I seem to be able to import
them into gpgsm’s database (along with the public key?).  But the
private key is missing.

One source said that gpg and gpgsm share the same database at least
for private keys.  But I get an import error trying to import the
PEM file with only the key into gpg.

How can I successfully import the certificates and the key into


P.S.: This is basically a copy of
If I get an answer here which is not put by the answerer themselves
to, I will update
Torsten Bronger

More information about the Gnupg-users mailing list