login about faq

Hello Everybody,

I'm using FTP2 version, I try to read an private key into a certStore for use with login at a ftp via S-FTP. I just use the code from the example with the method LoadPfxFile wiht correct path and password, but I get the folloging LastErrorText:

    DllDate: Nov 12 2016
    UnlockPrefix: NONE
    Architecture: Little Endian; 32-bit
    Language: ActiveX
    VerboseLogging: 1
    pfxPath: C:\.............\<myfile>.ppk
            PFX does not have MacData for integrity verification.
            Found primitive SEQUENCE or SETOF in ASN.1!
            ASN data length exceeds remaining number of bytes available.
            tag: 11
            idClass: 0
            bConstructed: 1
            headerLen: 2
            dataLen: 51
            inlen: 48
            Abort ASN.1 processing...
            recursiveDepth: 2
            Abort ASN.1 processing...
            recursiveDepth: 1
          Failed to get authenticated safe.

Can you please tell me what's wrong?

asked Nov 28 '16 at 11:44

triediger's gravatar image


edited Nov 29 '16 at 08:54

jpbro's gravatar image

jpbro ♦

I've done it for you this time, but in the future, please place log text, code, etc.. in <pre></pre> tags to make them easier to read. This will increase the likelihood of getting a response.

(Nov 29 '16 at 08:56) jpbro ♦

A .ppk is a PuTTY private key file (it's not a .pfx/.p12 file). A PFX (PKCS12) file is a format that contains one or more unencrypted certificates and one or more shrouded (encrypted) private keys. Typically, a PFX contains a certificate chain + 1 shrouded private key.

A .ppk however, is an entirely different format, and only contains a private key (no certificate).

Private keys are not stored in a Windows certificate store. Part of the X.509 certificate format is that it embeds the public part of the cert's associated private key. The cert (and its embedded public key) never need to be encrypted. If a .pfx (not .ppk) is "installed" on a Windows system, the certificate is installed into the Windows registry (unencrypted), and the private key is installed to something called the "protected store", which is encrypted.

If you have only a private key (no cert), then it make no sense to "install" it into a certificate store, because that's not what certificate stores contain.


answered Dec 03 '16 at 16:14

chilkat's gravatar image

chilkat ♦♦

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported



Asked: Nov 28 '16 at 11:44

Seen: 1,153 times

Last updated: Dec 03 '16 at 16:14

powered by OSQA