Linux, Android, .p12

I am having a problem generating a .p12 file for RealVNC Viever correctly.

Android accepts the file, while the program responds that it cannot use this certificate for authentication.

Can anyone tell me how to generate using openssl on linux these certificates so that the program will recognize them? 

I tried with RSA and ECDSA with a P-256 curve.
When exporting I used "openssl pkcs12 -export -legacy ..."

If anyone has a ready script to generate for the server and client and would post it here, I would appreciate it. 





  • openssl ecparam -genkey -name prime256v1 -noout -out myCA.key
    openssl req -new -x509 -days 3650 -key myCA.key -out myCA.crt
    openssl ecparam -genkey -name prime256v1 -noout -out server-key.pem
    openssl req -new -key server-key.pem -out server-csr.pem
    openssl x509 -req -days 365 -in server-csr.pem -CA myCA.crt -CAkey myCA.key -CAcreateserial -out server-cert.pem
    cat server-key.pem server-cert.pem > server-key-cert.pem

    openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:prime256v1 -out client-key.pem
    openssl req -new -key client-key.pem -out client-csr.pem
    openssl x509 -req -days 365 -in client-csr.pem -CA myCA.crt -CAkey myCA.key -CAcreateserial -out client-cert.pem
    cat client-key-cert.pem myCA.crt > client-key-cert-final.pem
    openssl pkcs12 -export -in client-key-cert-final.pem -inkey client-key.pem -out client-key-cert-final.p12 -name "Client Key and Certificate" -caname "My CA" -legacy

    Comment actions Permalink
  • What am I doing wrong? Sorry for spam

    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post