Support for PKCS12 client certificate files

Nikos Mavrogiannopoulos nmav at
Sat Jun 11 09:08:53 CEST 2011

On 06/11/2011 12:15 AM, Sebastian Kolbe wrote:
> Hello
> I'm having trouble reading / importing a p12 certificate file (with
> public/private key for
> client authentication). I used the function "gnutls_pkcs12_import" for this,
> but without
> success.  Error message was "base64 decode error" (or similar).

So you get a base64 decode error? Is your PKCS12 file base64 encoded?
Did you try the GNUTLS_X509_FMT_DER flag?

> Changing some of the other parameters (crt format, flags) only brought
> different error messages.
> At last the comand line tool (certtool) produced the same error message.
> Version of library was 2.8.6 (standard in ubuntu) and (latest
> available
> for download).
> I tried on command line with:
>   certtool  --p12-info --infile cert.p12

Try adding --inder option if your pkcs12 file is not
base64 encoded.

> BTW: the documentation is very "skinny" at this point...

Suggestions and patches are always welcome.


More information about the Gnutls-help mailing list