lemur icon indicating copy to clipboard operation
lemur copied to clipboard

Published 20 hours ago verified publisher icon Netflix

pkcs12 export not working

Open fastchain opened this issue 11 months ago • 0 comments

Hello, when I try to export with openssl pkcs12 I get this

...
lemur-1     | 2024-03-21 04:23:25,559 INFO sqlalchemy.engine.base.Engine SELECT certificates.id AS certificates_id, certificates.external_id AS certificates_external_id, certificates.owner AS certificates_owner, certificates.name AS certificates_name, certificates.description AS certificates_description, certificates.notify AS certificates_notify, certificates.body AS certificates_body, certificates.chain AS certificates_chain, certificates.csr AS certificates_csr, certificates.private_key AS certificates_private_key, certificates.issuer AS certificates_issuer, certificates.serial AS certificates_serial, certificates.cn AS certificates_cn, certificates.deleted AS certificates_deleted, certificates.dns_provider_id AS certificates_dns_provider_id, certificates.not_before AS certificates_not_before, certificates.not_after AS certificates_not_after, certificates.date_created AS certificates_date_created, certificates.signing_algorithm AS certificates_signing_algorithm, certificates.status AS certificates_status, certificates.bits AS certificates_bits, certificates.san AS certificates_san, certificates.rotation AS certificates_rotation, certificates.user_id AS certificates_user_id, certificates.authority_id AS certificates_authority_id, certificates.root_authority_id AS certificates_root_authority_id, certificates.rotation_policy_id AS certificates_rotation_policy_id, certificates.key_type AS certificates_key_type 
lemur-1     | FROM certificates 
lemur-1     | WHERE certificates.id = %(param_1)s
lemur-1     | 2024-03-21 04:23:25,559 INFO sqlalchemy.engine.base.Engine {'param_1': 3}
lemur-1     | [2024-03-21 04:23:25,573] DEBUG in plugin: ['openssl', 'pkcs12', '-export', '-name', '[email protected]', '-in', '/tmp/tmpprcz38_i', '-inkey', '/tmp/tmpnp7gw0zo', '-out', '/tmp/k78etn62', '-password', 'pass:u9TolSf)4qh@4BRMGo&2YdFl']
lemur-1     | ['openssl', 'pkcs12', '-export', '-name', '[email protected]', '-in', '/tmp/tmpprcz38_i', '-inkey', '/tmp/tmpnp7gw0zo', '-out', '/tmp/k78etn62', '-password', 'pass:u9TolSf)4qh@4BRMGo&2YdFl']
lemur-1     | ['openssl', 'pkcs12', '-export', '-name', '[email protected]', '-in', '/tmp/tmpprcz38_i', '-inkey', '/tmp/tmpnp7gw0zo', '-out', '/tmp/k78etn62', '-password', 'pass:u9TolSf)4qh@4BRMGo&2YdFl']
lemur-1     | [2024-03-21 04:23:25,578] DEBUG in plugin: openssl pkcs12 -export -name [email protected] -in /tmp/tmpprcz38_i -inkey /tmp/tmpnp7gw0zo -out /tmp/k78etn62 -password pass:u9TolSf)4qh@4BRMGo&2YdFl
lemur-1     | openssl pkcs12 -export -name [email protected] -in /tmp/tmpprcz38_i -inkey /tmp/tmpnp7gw0zo -out /tmp/k78etn62 -password pass:u9TolSf)4qh@4BRMGo&2YdFl
lemur-1     | openssl pkcs12 -export -name [email protected] -in /tmp/tmpprcz38_i -inkey /tmp/tmpnp7gw0zo -out /tmp/k78etn62 -password pass:u9TolSf)4qh@4BRMGo&2YdFl
lemur-1     | [2024-03-21 04:23:25,579] ERROR in plugin: b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | [2024-03-21 04:23:25,579] DEBUG in utils: No file /tmp/k78etn62
lemur-1     | No file /tmp/k78etn62
lemur-1     | No file /tmp/k78etn62
lemur-1     | [2024-03-21 04:23:25,579] ERROR in schema: b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | Traceback (most recent call last):
lemur-1     |   File "/opt/lemur/lemur/common/schema.py", line 158, in decorated_function
lemur-1     |     resp = f(*args, **kwargs)
lemur-1     |   File "/opt/lemur/lemur/certificates/views.py", line 1569, in post
lemur-1     |     extension, passphrase, data = plugin.export(
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 167, in export
lemur-1     |     create_pkcs12(body, chain, output_tmp, key, alias, passphrase)
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 103, in create_pkcs12
lemur-1     |     run_process(
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 34, in run_process
lemur-1     |     raise Exception(stderr)
lemur-1     | Exception: b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | Traceback (most recent call last):
lemur-1     |   File "/opt/lemur/lemur/common/schema.py", line 158, in decorated_function
lemur-1     |     resp = f(*args, **kwargs)
lemur-1     |   File "/opt/lemur/lemur/certificates/views.py", line 1569, in post
lemur-1     |     extension, passphrase, data = plugin.export(
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 167, in export
lemur-1     |     create_pkcs12(body, chain, output_tmp, key, alias, passphrase)
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 103, in create_pkcs12
lemur-1     |     run_process(
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 34, in run_process
lemur-1     |     raise Exception(stderr)
lemur-1     | Exception: b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | Traceback (most recent call last):
lemur-1     |   File "/opt/lemur/lemur/common/schema.py", line 158, in decorated_function
lemur-1     |     resp = f(*args, **kwargs)
lemur-1     |   File "/opt/lemur/lemur/certificates/views.py", line 1569, in post
lemur-1     |     extension, passphrase, data = plugin.export(
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 167, in export
lemur-1     |     create_pkcs12(body, chain, output_tmp, key, alias, passphrase)
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 103, in create_pkcs12
lemur-1     |     run_process(
lemur-1     |   File "/opt/lemur/lemur/plugins/lemur_openssl/plugin.py", line 34, in run_process
lemur-1     |     raise Exception(stderr)
lemur-1     | Exception: b'unable to load certificates\n132074280334656:error:0908F070:PEM routines:get_header_and_data:short header:../crypto/pem/pem_lib.c:812:\n'
lemur-1     | 2024-03-21 04:23:25,582 INFO sqlalchemy.engine.base.Engine ROLLBACK
nginx-1     | 172.18.0.1 - - [21/Mar/2024:04:23:25 +0000] "POST /api/1/certificates/3/export HTTP/1.1" 500 157 "https://localhost:447/" "Mozilla/5.0 (X11; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0"
lemur-1     | 2024-03-21 04:23:36,093 INFO sqlalchemy.engine.base.Engine SELECT 1;
...

Is it a bug or I'm doing something wrong?

fastchain avatar Mar 21 '24 04:03 fastchain