Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pkcs12 export not working #4799

Open
fastchain opened this issue Mar 21, 2024 · 0 comments
Open

pkcs12 export not working #4799

fastchain opened this issue Mar 21, 2024 · 0 comments

Comments

@fastchain
Copy link

Hello,
when I try to export with openssl pkcs12 I get this

...
lemur-1     | 2024-03-21 04:23:25,559 INFO sqlalchemy.engine.base.Engine SELECT certificates.id AS certificates_id, certificates.external_id AS certificates_external_id, certificates.owner AS certificates_owner, certificates.name AS certificates_name, certificates.description AS certificates_description, certificates.notify AS certificates_notify, certificates.body AS certificates_body, certificates.chain AS certificates_chain, certificates.csr AS certificates_csr, certificates.private_key AS certificates_private_key, certificates.issuer AS certificates_issuer, certificates.serial AS certificates_serial, certificates.cn AS certificates_cn, certificates.deleted AS certificates_deleted, certificates.dns_provider_id AS certificates_dns_provider_id, certificates.not_before AS certificates_not_before, certificates.not_after AS certificates_not_after, certificates.date_created AS certificates_date_created, certificates.signing_algorithm AS certificates_signing_algorithm, certificates.status AS certificates_status, certificates.bits AS certificates_bits, certificates.san AS certificates_san, certificates.rotation AS certificates_rotation, certificates.user_id AS certificates_user_id, certificates.authority_id AS certificates_authority_id, certificates.root_authority_id AS certificates_root_authority_id, certificates.rotation_policy_id AS certificates_rotation_policy_id, certificates.key_type AS certificates_key_type 
lemur-1     | FROM certificates 
lemur-1     | WHERE certificates.id = %(param_1)s
lemur-1     | 2024-03-21 04:23:25,559 INFO sqlalchemy.engine.base.Engine {'param_1': 3}
lemur-1     | [2024-03-21 04:23:25,573] DEBUG in plugin: ['openssl', 'pkcs12', '-export', '-name', '[email protected]', '-in', '/tmp/tmpprcz38_i', '-inkey', '/tmp/tmpnp7gw0zo', '-out', '/tmp/k78etn62', '-password', 'pass:u9TolSf)4qh@4BRMGo&2YdFl']
lemur-1     | ['openssl', 'pkcs12', '-export', '-name', '[email protected]', '-in', '/tmp/tmpprcz38_i', '-inkey', '/tmp/tmpnp7gw0zo', '-out', '/tmp/k78etn62', '-password', 'pass:u9TolSf)4qh@4BRMGo&2YdFl']
lemur-1     | ['openssl', 'pkcs12', '-export', '-name', '[email protected]', '-in', '/tmp/tmpprcz38_i', '-inkey', '/tmp/tmpnp7gw0zo', '-out', '/tmp/k78etn62', '-password', 'pass:u9TolSf)4qh@4BRMGo&2YdFl']
lemur-1     | [2024-03-21 04:23:25,578] DEBUG in plugin: openssl pkcs12 -export -name [email protected] -in /tmp/tmpprcz38_i -inkey /tmp/tmpnp7gw0zo -out /tmp/k78etn62 -password pass:u9TolSf)4qh@4BRMGo&2YdFl
lemur-1     | openssl pkcs12 -export -name [email protected] -in /tmp/tmpprcz38_i -inkey /tmp/tmpnp7gw0zo -out /tmp/k78etn62 -password pass:u9TolSf)4qh@4BRMGo&2YdFl
lemur-1     | openssl pkcs12 -export -name [email protected] -in /tmp/tmpprcz38_i -inkey /tmp/tmpnp7gw0zo -out /tmp/k78etn62 -password pass:u9TolSf)4qh@4BRMGo&2YdFl
lemur-1     | [2024-03-21 04:23:25,579] ERROR in plugin: b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | [2024-03-21 04:23:25,579] DEBUG in utils: No file /tmp/k78etn62
lemur-1     | No file /tmp/k78etn62
lemur-1     | No file /tmp/k78etn62
lemur-1     | [2024-03-21 04:23:25,579] ERROR in schema: b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | Traceback (most recent call last):
lemur-1     |   File "/opt/lemur/lemur/common/schema.py", line 158, in decorated_function
lemur-1     |     resp = f(*args, **kwargs)
lemur-1     |   File "/opt/lemur/lemur/certificates/views.py", line 1569, in post
lemur-1     |     extension, passphrase, data = plugin.export(
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 167, in export
lemur-1     |     create_pkcs12(body, chain, output_tmp, key, alias, passphrase)
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 103, in create_pkcs12
lemur-1     |     run_process(
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 34, in run_process
lemur-1     |     raise Exception(stderr)
lemur-1     | Exception: b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | Traceback (most recent call last):
lemur-1     |   File "/opt/lemur/lemur/common/schema.py", line 158, in decorated_function
lemur-1     |     resp = f(*args, **kwargs)
lemur-1     |   File "/opt/lemur/lemur/certificates/views.py", line 1569, in post
lemur-1     |     extension, passphrase, data = plugin.export(
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 167, in export
lemur-1     |     create_pkcs12(body, chain, output_tmp, key, alias, passphrase)
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 103, in create_pkcs12
lemur-1     |     run_process(
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 34, in run_process
lemur-1     |     raise Exception(stderr)
lemur-1     | Exception: b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | Traceback (most recent call last):
lemur-1     |   File "/opt/lemur/lemur/common/schema.py", line 158, in decorated_function
lemur-1     |     resp = f(*args, **kwargs)
lemur-1     |   File "/opt/lemur/lemur/certificates/views.py", line 1569, in post
lemur-1     |     extension, passphrase, data = plugin.export(
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 167, in export
lemur-1     |     create_pkcs12(body, chain, output_tmp, key, alias, passphrase)
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 103, in create_pkcs12
lemur-1     |     run_process(
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 34, in run_process
lemur-1     |     raise Exception(stderr)
lemur-1     | Exception: b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | 2024-03-21 04:23:25,582 INFO sqlalchemy.engine.base.Engine ROLLBACK
nginx-1     | 172.18.0.1 - - [21/Mar/2024:04:23:25 +0000] "POST /api/1/certificates/3/export HTTP/1.1" 500 157 "https://localhost:447/" "Mozilla/5.0 (X11; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0"
lemur-1     | 2024-03-21 04:23:36,093 INFO sqlalchemy.engine.base.Engine SELECT 1;
...

Is it a bug or I'm doing something wrong?
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@fastchain