Timeline for Using certutil certificate in apache, missing key
Current License: CC BY-SA 4.0
12 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Oct 10, 2023 at 12:22 | comment | added | Daviid | Let us continue this discussion in chat. | |
| Oct 10, 2023 at 11:03 | history | edited | grawity_u1686 | CC BY-SA 4.0 |
added 68 characters in body
|
| Oct 10, 2023 at 10:59 | comment | added | grawity_u1686 | Just to clarify though, Apache httpd needs PKCS#8, whereas Apache Tomcat should be fine with PKCS#12 (PFX) directly, since it's the default Java format now. (As far as I know, in Java keystores everyone specifies some useless password like "apache"…) | |
| Oct 10, 2023 at 10:57 | history | edited | grawity_u1686 | CC BY-SA 4.0 |
added 11 characters in body
|
| Oct 10, 2023 at 10:55 | comment | added | Daviid |
Found out why it wasn't finding the certificate, this says CertID so I assumed I could only use the numeric ID, but I've tested and Serial Number, CErtificate Hash/thumbprint and Common Name work too.
|
|
| Oct 10, 2023 at 10:52 | history | edited | grawity_u1686 | CC BY-SA 4.0 |
added 288 characters in body
|
| Oct 10, 2023 at 10:50 | comment | added | grawity_u1686 |
Then specify "asdf" or whatever other temporary password you like – it's only needed until you convert from PFX to PKCS#8; once the conversion is done the PKCS#8 .key file can remain unencrypted as usual.
|
|
| Oct 10, 2023 at 10:47 | comment | added | Daviid |
Didn't work, Export-PfxCertificate requires a SecureString as password and that can't be empty. I'm trying certutil -exportPFX -p "" My 49 output.pfx NoRoot and it says CertUtil: -exportPFX error del comando: 0x80092004 (-2146885628 CRYPT_E_NOT_FOUND) but Get-ChildItem Cert:\LocalMachine\My shows that the certificate does exist
|
|
| Oct 10, 2023 at 10:36 | comment | added | grawity_u1686 | The PKCS#12 (PFX) file format requires encryption; you can probably use a blank password but the format doesn't really have a "no encryption" mode. | |
| Oct 10, 2023 at 10:25 | comment | added | Daviid |
For some reason Export-PfxCertificate won't export the file without Password or ProtectTo, I've created the certificate with MachineKeySet = TRUE and Exportable = TRUE and at no point do I set any password.
|
|
| Oct 10, 2023 at 9:57 | vote | accept | Daviid | ||
| Oct 10, 2023 at 9:44 | history | answered | grawity_u1686 | CC BY-SA 4.0 |