Error when using an encrypted private key

by skawaii

I'm using Linux Mint 12, which comes with GnuTLS 2.10.5. I'm working on configuring Git with https. On Linux Mint, Git is using GnuTLS under the hood, so I'm hoping this is the right place to get help.

Basically, what I'm seeing is that my requests never get to the server when I use an encrypted private key. I started using gnutls-cli to debug and this is what I'm seeing:

$ gnutls-cli -V --x509certfile usercert.pem --x509keyfile userkey.pem titan.cloud.company.com
Processed 1 client certificates...
*** Error loading key file: ASN1 parser: Error in TAG.

If I use an unencrypted private key, then the connection is successfully made:

$ gnutls-cli -V --x509certfile usercert.pem --x509keyfile userkey2.pem titan.cloud.company.com
Processed 1 client certificates...
Processed 1 client X.509 certificates...
Connecting to '192.169.2.1:443'...
....

What I'm really wondering is can I use encrypted keys with GnuTLS 2.10.5? If so, any hints on what else could be the problem? I'd really prefer to not have my private key stored in the clear.

Thanks for the help,
Jason

_______________________________________________
Help-gnutls mailing list
Help-gnutls@...
https://lists.gnu.org/mailman/listinfo/help-gnutls
Jason Cooper
Software Engineer
Northrop Grumman Intelligence Group (TASC)

Re: Error when using an encrypted private key

by Nikos Mavrogiannopoulos

On 01/13/2012 09:44 PM, Jason Cooper wrote:

> I'm using Linux Mint 12, which comes with GnuTLS 2.10.5. I'm working
> on configuring Git with https. On Linux Mint, Git is using GnuTLS
> under the hood, so I'm hoping this is the right place to get help.


Hello,
 GnuTLS is a library. How it is being used depends on
the application.

[...]

> What I'm really wondering is can I use encrypted keys with GnuTLS
> 2.10.5? If so, any hints on what else could be the problem? I'd
> really prefer to not have my private key stored in the clear.


How did you encrypt your private key? GnuTLS supports two types of
encrypted keys. PKCS #8 and PKCS #12 [0].

btw. gnutls-cli doesn't support encrypted keys, use certtool to read them.

[0].
http://www.gnu.org/software/gnutls/manual/html_node/Managing-encrypted-keys.html

regards,
Nikos
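
Added example, not part of the original thread or of GnuTLS: since the answer depends on how the key was encrypted, this shell helper reports which container a key file uses by reading its PEM armor, separating PKCS #8 from the traditional OpenSSL format marked by a Proc-Type header. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Print the container type of a private-key file, judged from its PEM armor.
classify_key_pem() {
    # First BEGIN line naming a private key; "Bag Attributes" text before it is skipped.
    begin=$(grep -m1 -e '^-----BEGIN .*PRIVATE KEY-----' "$1" 2>/dev/null) || true
    case $begin in
        '-----BEGIN ENCRYPTED PRIVATE KEY-----') echo pkcs8-encrypted ;;
        '-----BEGIN PRIVATE KEY-----')           echo pkcs8-unencrypted ;;
        '-----BEGIN '*' PRIVATE KEY-----')
            # Traditional OpenSSL armor (RSA/DSA/EC); encryption is flagged by a header.
            if grep -q '^Proc-Type: 4,ENCRYPTED' "$1"; then
                echo traditional-encrypted
            else
                echo traditional-unencrypted
            fi ;;
        *) echo no-pem-private-key ;;
    esac
}

# Constructed sample files: real armor lines, placeholder bodies (not real keys).
write_samples() {
    cat > "$1/pkcs8.pem" <<'EOF'
Bag Attributes
    friendlyName: constructed sample
-----BEGIN ENCRYPTED PRIVATE KEY-----
Q09OU1RSVUNURUQ=
-----END ENCRYPTED PRIVATE KEY-----
EOF
    cat > "$1/traditional.pem" <<'EOF'
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,0000000000000000

Q09OU1RSVUNURUQ=
-----END RSA PRIVATE KEY-----
EOF
}

demo_dir=$(mktemp -d)
write_samples "$demo_dir"
for k in "$demo_dir"/*.pem; do
    printf '%s: %s\n' "${k##*/}" "$(classify_key_pem "$k")"
done
rm -rf "$demo_dir"
```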



Re: Error when using an encrypted private key

by skawaii

On Sat, Jan 14, 2012 at 3:51 AM, Nikos Mavrogiannopoulos <nmav@...> wrote:
On 01/13/2012 09:44 PM, Jason Cooper wrote:

> I'm using Linux Mint 12, which comes with GnuTLS 2.10.5. I'm working
> on configuring Git with https. On Linux Mint, Git is using GnuTLS
> under the hood, so I'm hoping this is the right place to get help.


Hello,
 GnuTLS is a library. How it is being used depends on
the application.

[...]

> What I'm really wondering is can I use encrypted keys with GnuTLS
> 2.10.5? If so, any hints on what else could be the problem? I'd
> really prefer to not have my private key stored in the clear.
 

How did you encrypt your private key? GnuTLS supports two types of
encrypted keys. PKCS #8 and PKCS #12 [0].

Ah, well that might be the problem. I do have a PKCS#12 file, but it's both my private key and public cert. I export my private key from that using OpenSSL (openssl pkcs12 -nocerts -in mycert.p12 -out userkey.pem), but it sounds like I need to export that as a PKCS#8 or PKCS#12 file.

Good to know. Thanks for the info.
 
I exported my private key as PKCS#8, but am still getting the same error. The only thing that is currently working for me is to use my unencrypted private key. Any ideas why this might be?

Again, I'm using Git 1.7.8.3 w/ GnuTLS 2.10.5 on Linux Mint 12.

Thanks for your help,
Jason


Re: Error when using an encrypted private key

by Nikos Mavrogiannopoulos

On 01/17/2012 01:04 AM, Jason Cooper wrote:

>> Ah, well that might be the problem. I do have a PKCS#12 file, but
>> it's both my private key and public cert. I export my private key
>> from that using OpenSSL (openssl pkcs12 -nocerts -in mycert.p12
>> -out userkey.pem), but it sounds like I need to export that as a
>> PKCS#8 or PKCS#12 file. Good to know. Thanks for the info.

[...]
> I exported my private key as PKCS#8, but am still getting the same
> error. The only thing that is currently working for me is to use my
> unencrypted private key. Any ideas why this might be?


I believe you should check with the developers of git. Even if gnutls
supports encrypted keys, programs might not use that functionality.

regards,
Nikos

