Cannot import private key into gpgsm
Torsten Bronger
bronger at physik.rwth-aachen.de
Fri Jun 10 20:44:04 CEST 2022
Hallöchen!
For signing emails, I requested an S/MIME certificate using the
German academic DFN service. At the end of this process, I get a
.p12 file (PKCS12). I can convert this file to PEM using
openssl pkcs12 -in TorstenBronger.p12 -nodes -out /tmp/temp.pem
In the PEM file, I can see four certificates (my own and the chain)
and the private key. But importing the .p12 file into gpgsm fails:
$ gpgsm --import TorstenBronger.p12
gpgsm: data error at "data.objectidentifier", offset 67
gpgsm: error at "bag-sequence", offset 49
gpgsm: error parsing or decrypting the PKCS#12 file
gpgsm: total number processed: 0
It does not matter whether or not I removed the password from the
key using the roundtripping described in
https://serverfault.com/a/633820/47303. Moreover, neither
git.scc.kit.edu/-/snippets/572 nor importing into and re-exporting
from Firefox change anything. The error message is the same
afterwards.
Writing only the certificates to a PEM, I seem to be able to import
them into gpgsm’s database (along with the public key?). But the
private key is missing.
One source said that gpg and gpgsm share the same database at least
for private keys. But I get an import error trying to import the
PEM file with only the key into gpg.
How can I successfully import the certificates and the key into
gpgsm?
Regards,
Torsten.
P.S.: This is basically a copy of
https://superuser.com/questions/1725832/gpgsm-cannot-import-private-key.
If I get an answer here which is not put by the answerer themselves
to superuser.com, I will update superuser.com.
--
Torsten Bronger
More information about the Gnupg-users
mailing list