I need to create a PKCS12 file in python that will contain a self-signed certificate and a private key for it. For this task, I compiled the following python code:
import OpenSSL
key = OpenSSL.crypto.PKey()
key.generate_key( OpenSSL.crypto.TYPE_RSA, 1024 )
cert = OpenSSL.crypto.X509()
cert.set_serial_number(0)
cert.get_subject().CN = "me"
cert.set_issuer( cert.get_subject() )
cert.gmtime_adj_notBefore( 0 )
cert.gmtime_adj_notAfter( 10*365*24*60*60 )
cert.set_pubkey( key )
cert.sign( key, 'md5' )
open( "certificate.cer", 'w' ).write(
OpenSSL.crypto.dump_certificate( OpenSSL.crypto.FILETYPE_PEM, cert ) )
open( "private_key.pem", 'w' ).write(
OpenSSL.crypto.dump_privatekey( OpenSSL.crypto.FILETYPE_PEM, key ) )
p12 = OpenSSL.crypto.PKCS12()
p12.set_privatekey( key )
p12.set_certificate( cert )
open( "container.pfx", 'w' ).write( p12.export() )
This code creates a .cer file that I can view on Windows, and that seems correct. He also creates a ".pfx" file, which is intended for the PKCS container number 12 with a certificate and the corresponding private key - a thing necessary for signing executable files. Unfortunately, if I try to open this ".pfx" file on Windows, it will fail with the error "file is invalid", as well as parse it using the command line tool:
certutil -asn container.pfx
Crash "decoding error" in the middle of the file.
- Python + OpenSSL PKCS # 12 Windows?
P.S. 32- ActivePython 2.7.