lvilleitdept
asked on
Unable to import a PKCS file to a kyr file using ikeyman
I am in the process of moving an IIS based Wildcard SSL certificate to a Domino Keyring file. I saw an article at http://www.turtleweb.com/turtleblog.nsf/dx/11022009232215GDAVGR.htm and I followed the instructions there, but I am getting an error message at step 15. when I click Import and select the p12 file, the error appears and it says "An error occurred while importing keys from the PKCS12 format file". I got an error in step3 and I had to replace the Security policy files. In step-8, I installed the Intermediate Certificate also after the Trusted root Certificate. In step-13, the ikeyman was not launching and I had to replace the JRE folder with JRE 1.1.8 to fix that. Now at the last step, when I click Import and select the p12 file, the error appears and it says "An error occurred while importing keys from the PKCS12 format file". I am totally lost. I searched internet for many days and couldn't find a fix.
ASKER
When I exported the pfx file, I used the password. I was able to import the pfx file into the Domino KEY DB file as PKCS. I saved this with the name key.p12 . Later when I created a key ring file and try to import this PKCS file (key.p12), I am getting the error
I also tried with OpenSSL, but no luck.
I also tried with OpenSSL, but no luck.
what version of lotus or domino are you using? I'm seeing a few things on 6.0 & 6.5 that are patched, but that's getting a little outdated so I'm not jumping too much just yet on that stuff.
ASKER
Lotus Domino (r) Server, Release 7.0.2
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The other thing you can do is to try converting the pfx file to PEM format - some programs work better with a PEM formatted cert. You can download OpenSSL from http://gnuwin32.sourceforge.net/packages/openssl.htm
Here's a script to run - you can pass the variables when you run the .bat file or you can replace them ahead of time.
: %1 = filename (will be used for PFX and PEM filenames)
: %2 = password for input PFX file
: %3 = password for output PEM file
c:\openssl\bin\openssl.exe
pause