QSslCertificate::importPkcs12 fails to parse PFX f

Posted 2019-04-18 08:05

Question:

I'm trying to unpack my pkcs12 file in my Qt application - but having no luck. I'm building a Qt Console App (GUI disabled).

(I've followed this guide: https://github.com/trueos/sysadm-ui-qt/blob/master/src-qt5/gui_client/SSLNotes.txt)

Pkcs12 creation commands:

"openssl req -newkey rsa:2048 -nodes -keyout test_key.pem"
"openssl req -key test_key.pem -new -x509 -out test_crt.crt"
"openssl pkcs12 -inkey test_key.pem -in test_crt.crt -export -passout stdin -out new.pfx"

Qt Code:

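#include <QDebug>
#include <QFile>
#include <QSslCertificate>
#include <QSslKey>

// Inside main() or another function:
QString password = "1234";
QFile pkcs("/Users/test/Desktop/certs/new.pfx");
QSslKey key;
QSslCertificate cert;
QList<QSslCertificate> imported_certs;
bool import = false;
if (pkcs.open(QFile::ReadOnly)) {
    // The device must be open for reading; returns true on success.
    import = QSslCertificate::importPkcs12(&pkcs, &key, &cert, &imported_certs, password.toUtf8());
    pkcs.close();
} else {
    qWarning() << "Cannot open" << pkcs.fileName();
}
qDebug() << import;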

Manually extracting the key and the file has worked using openssl commands.

Error Message:

"Unimplemented Code."

Any ideas?

Answer 1:

Try using Qt < 5.6 like Qt 5.5.

In Qt 5.6, the default SSL backend was changed from OpenSSL to Secure Transport on the Mac OS platform.

This problem has already been filed as a bug: https://bugreports.qt.io/browse/QTBUG-56596
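
Added example (not part of the original question or answers): because the answer above attributes the failure to the TLS backend rather than to the file, this script rebuilds the question's bundle without prompts and checks with OpenSSL that new.pfx decrypts and that its private key matches its certificate. The subject /CN=test, the PFX_PASS variable, the function names and the scratch directories are assumptions; 1234 is the question's test passphrase.

```shell
#!/bin/sh
# Added example. File names follow the question; /CN=test, PFX_PASS, the
# function names and the scratch directories are assumptions.

# Recreate the question's key, self-signed certificate and PKCS#12 bundle in
# directory $1 without prompts. The passphrase is read from $PFX_PASS rather
# than being written on the command line.
make_pfx() {
    openssl req -newkey rsa:2048 -nodes -keyout "$1/test_key.pem" \
        -subj "/CN=test" -out "$1/test.csr" 2>/dev/null &&
    openssl req -key "$1/test_key.pem" -new -x509 -subj "/CN=test" \
        -out "$1/test_crt.crt" &&
    openssl pkcs12 -inkey "$1/test_key.pem" -in "$1/test_crt.crt" \
        -export -passout env:PFX_PASS -out "$1/new.pfx"
}

# Succeed only if bundle $1 decrypts with $PFX_PASS and the private key it
# holds belongs to the certificate it holds.
check_pfx() {
    tmp=$(mktemp -d) || return 1      # private directory, removed before returning
    if openssl pkcs12 -in "$1" -passin env:PFX_PASS -nocerts -nodes \
            -out "$tmp/key.pem" &&
       openssl pkcs12 -in "$1" -passin env:PFX_PASS -nokeys -clcerts \
            -out "$tmp/crt.pem" &&
       key_pub=$(openssl pkey -in "$tmp/key.pem" -pubout) &&
       crt_pub=$(openssl x509 -in "$tmp/crt.pem" -noout -pubkey) &&
       [ -n "$key_pub" ] && [ "$key_pub" = "$crt_pub" ]
    then rc=0; else rc=1; fi
    rm -rf "$tmp"
    return "$rc"
}

# Constructed demo run; "1234" is the question's test passphrase.
PFX_PASS=1234; export PFX_PASS
work=$(mktemp -d) || exit 1
if make_pfx "$work" && check_pfx "$work/new.pfx"; then
    echo "new.pfx parses with OpenSSL; key matches certificate"
else
    echo "new.pfx is unreadable or inconsistent" >&2
fi
rm -rf "$work"
```

If the check passes and importPkcs12 still returns false with "Unimplemented Code.", the bundle itself is sound and the failure lies in the Qt build's TLS backend, as the answer above describes.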



Answer 2:

After beating my head against the wall a few times with this sort of thing, I found a good shortcut.

I import the certificate into a Windows machine (ensuring that the private key is marked as exportable) and verify that the certificate path is valid in the certificate manager. If I need to import certificates, I do it here until the issued certificate path is good. Once this is done, I re-export the certificate and private key into a new PKCS12 file, including the root and intermediary certificates. This produces a single file that can be imported into an ASA or IOS router and works flawlessly because everything the unit needs is present in one file.

Be sure to delete the certificate from the Windows machine when you're done exporting the certificate set.

Maybe this link will help you out:

TAKEN FROM: https://supportforums.cisco.com/discussion/12347971/failed-parse-or-verify-imported-certifiate-asa-5505-831