login about faq

Hello Everybody,

I'm using FTP2 version 9.5.0.64, I try to read an private key into a certStore for use with login at a ftp via S-FTP. I just use the code from the example with the method LoadPfxFile wiht correct path and password, but I get the folloging LastErrorText:

ChilkatLog:
  LoadPfxFile:
    DllDate: Nov 12 2016
    ChilkatVersion: 9.5.0.64
    UnlockPrefix: NONE
    Architecture: Little Endian; 32-bit
    Language: ActiveX
    VerboseLogging: 1
    pfxPath: C:\.............\<myfile>.ppk
    importPfxData:
      pkcs12FromDb:
        loadPkcs12Inner:
          verifyHmacIntegrity:
            PFX does not have MacData for integrity verification.
          --verifyHmacIntegrity
          der_to_xml:
            Found primitive SEQUENCE or SETOF in ASN.1!
            ASN data length exceeds remaining number of bytes available.
            tag: 11
            idClass: 0
            bConstructed: 1
            headerLen: 2
            dataLen: 51
            inlen: 48
            Abort ASN.1 processing...
            recursiveDepth: 2
            Abort ASN.1 processing...
            recursiveDepth: 1
          --der_to_xml
          Failed to get authenticated safe.
        --loadPkcs12Inner
      --pkcs12FromDb
    --importPfxData
    Failed.
  --LoadPfxFile
--ChilkatLog

Can you please tell me what's wrong?

asked Nov 28 '16 at 11:44

triediger's gravatar image

triediger
1

edited Nov 29 '16 at 08:54

jpbro's gravatar image

jpbro ♦
1.1k2618

I've done it for you this time, but in the future, please place log text, code, etc.. in <pre></pre> tags to make them easier to read. This will increase the likelihood of getting a response.

(Nov 29 '16 at 08:56) jpbro ♦

A .ppk is a PuTTY private key file (it's not a .pfx/.p12 file). A PFX (PKCS12) file is a format that contains one or more unencrypted certificates and one or more shrouded (encrypted) private keys. Typically, a PFX contains a certificate chain + 1 shrouded private key.

A .ppk however, is an entirely different format, and only contains a private key (no certificate).

Private keys are not stored in a Windows certificate store. Part of the X.509 certificate format is that it embeds the public part of the cert's associated private key. The cert (and its embedded public key) never need to be encrypted. If a .pfx (not .ppk) is "installed" on a Windows system, the certificate is installed into the Windows registry (unencrypted), and the private key is installed to something called the "protected store", which is encrypted.

If you have only a private key (no cert), then it make no sense to "install" it into a certificate store, because that's not what certificate stores contain.

link

answered Dec 03 '16 at 16:14

chilkat's gravatar image

chilkat ♦♦
11.9k316359425

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×132

Asked: Nov 28 '16 at 11:44

Seen: 256 times

Last updated: Dec 03 '16 at 16:14

powered by OSQA