Skip to content

pkcs12 export not working  #4799

New issue
New issue
Open
Open
pkcs12 export not working #4799
@fastchain

Description

@fastchain
fastchain
opened on Mar 21, 2024

Hello,
when I try to export with openssl pkcs12 I get this

...
lemur-1     | 2024-03-21 04:23:25,559 INFO sqlalchemy.engine.base.Engine SELECT certificates.id AS certificates_id, certificates.external_id AS certificates_external_id, certificates.owner AS certificates_owner, certificates.name AS certificates_name, certificates.description AS certificates_description, certificates.notify AS certificates_notify, certificates.body AS certificates_body, certificates.chain AS certificates_chain, certificates.csr AS certificates_csr, certificates.private_key AS certificates_private_key, certificates.issuer AS certificates_issuer, certificates.serial AS certificates_serial, certificates.cn AS certificates_cn, certificates.deleted AS certificates_deleted, certificates.dns_provider_id AS certificates_dns_provider_id, certificates.not_before AS certificates_not_before, certificates.not_after AS certificates_not_after, certificates.date_created AS certificates_date_created, certificates.signing_algorithm AS certificates_signing_algorithm, certificates.status AS certificates_status, certificates.bits AS certificates_bits, certificates.san AS certificates_san, certificates.rotation AS certificates_rotation, certificates.user_id AS certificates_user_id, certificates.authority_id AS certificates_authority_id, certificates.root_authority_id AS certificates_root_authority_id, certificates.rotation_policy_id AS certificates_rotation_policy_id, certificates.key_type AS certificates_key_type 
lemur-1     | FROM certificates 
lemur-1     | WHERE certificates.id = %(param_1)s
lemur-1     | 2024-03-21 04:23:25,559 INFO sqlalchemy.engine.base.Engine {'param_1': 3}
lemur-1     | [2024-03-21 04:23:25,573] DEBUG in plugin: ['openssl', 'pkcs12', '-export', '-name', 'bbb@bbb.bb', '-in', '/tmp/tmpprcz38_i', '-inkey', '/tmp/tmpnp7gw0zo', '-out', '/tmp/k78etn62', '-password', 'pass:u9TolSf)4qh@4BRMGo&2YdFl']
lemur-1     | ['openssl', 'pkcs12', '-export', '-name', 'bbb@bbb.bb', '-in', '/tmp/tmpprcz38_i', '-inkey', '/tmp/tmpnp7gw0zo', '-out', '/tmp/k78etn62', '-password', 'pass:u9TolSf)4qh@4BRMGo&2YdFl']
lemur-1     | ['openssl', 'pkcs12', '-export', '-name', 'bbb@bbb.bb', '-in', '/tmp/tmpprcz38_i', '-inkey', '/tmp/tmpnp7gw0zo', '-out', '/tmp/k78etn62', '-password', 'pass:u9TolSf)4qh@4BRMGo&2YdFl']
lemur-1     | [2024-03-21 04:23:25,578] DEBUG in plugin: openssl pkcs12 -export -name bbb@bbb.bb -in /tmp/tmpprcz38_i -inkey /tmp/tmpnp7gw0zo -out /tmp/k78etn62 -password pass:u9TolSf)4qh@4BRMGo&2YdFl
lemur-1     | openssl pkcs12 -export -name bbb@bbb.bb -in /tmp/tmpprcz38_i -inkey /tmp/tmpnp7gw0zo -out /tmp/k78etn62 -password pass:u9TolSf)4qh@4BRMGo&2YdFl
lemur-1     | openssl pkcs12 -export -name bbb@bbb.bb -in /tmp/tmpprcz38_i -inkey /tmp/tmpnp7gw0zo -out /tmp/k78etn62 -password pass:u9TolSf)4qh@4BRMGo&2YdFl
lemur-1     | [2024-03-21 04:23:25,579] ERROR in plugin: b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | [2024-03-21 04:23:25,579] DEBUG in utils: No file /tmp/k78etn62
lemur-1     | No file /tmp/k78etn62
lemur-1     | No file /tmp/k78etn62
lemur-1     | [2024-03-21 04:23:25,579] ERROR in schema: b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | Traceback (most recent call last):
lemur-1     |   File "/opt/lemur/lemur/common/schema.py", line 158, in decorated_function
lemur-1     |     resp = f(*args, **kwargs)
lemur-1     |   File "/opt/lemur/lemur/certificates/views.py", line 1569, in post
lemur-1     |     extension, passphrase, data = plugin.export(
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 167, in export
lemur-1     |     create_pkcs12(body, chain, output_tmp, key, alias, passphrase)
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 103, in create_pkcs12
lemur-1     |     run_process(
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 34, in run_process
lemur-1     |     raise Exception(stderr)
lemur-1     | Exception: b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | Traceback (most recent call last):
lemur-1     |   File "/opt/lemur/lemur/common/schema.py", line 158, in decorated_function
lemur-1     |     resp = f(*args, **kwargs)
lemur-1     |   File "/opt/lemur/lemur/certificates/views.py", line 1569, in post
lemur-1     |     extension, passphrase, data = plugin.export(
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 167, in export
lemur-1     |     create_pkcs12(body, chain, output_tmp, key, alias, passphrase)
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 103, in create_pkcs12
lemur-1     |     run_process(
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 34, in run_process
lemur-1     |     raise Exception(stderr)
lemur-1     | Exception: b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | Traceback (most recent call last):
lemur-1     |   File "/opt/lemur/lemur/common/schema.py", line 158, in decorated_function
lemur-1     |     resp = f(*args, **kwargs)
lemur-1     |   File "/opt/lemur/lemur/certificates/views.py", line 1569, in post
lemur-1     |     extension, passphrase, data = plugin.export(
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 167, in export
lemur-1     |     create_pkcs12(body, chain, output_tmp, key, alias, passphrase)
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 103, in create_pkcs12
lemur-1     |     run_process(
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 34, in run_process
lemur-1     |     raise Exception(stderr)
lemur-1     | Exception: b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | 2024-03-21 04:23:25,582 INFO sqlalchemy.engine.base.Engine ROLLBACK
nginx-1     | 172.18.0.1 - - [21/Mar/2024:04:23:25 +0000] "POST /api/1/certificates/3/export HTTP/1.1" 500 157 "https://localhost:447/" "Mozilla/5.0 (X11; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0"
lemur-1     | 2024-03-21 04:23:36,093 INFO sqlalchemy.engine.base.Engine SELECT 1;
...

Is it a bug or I'm doing something wrong?

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions