PFX unusable on MacOS - Githubissues

badfiles commented 2 years ago

Produced pfx files cannot be applied in MacOS keychain, I get 'wrong password' error The reason I believe is SHA256 MAC used, SHA1 is expected The pfx export params should be configurable. v. 2.4.0

also this is strange

openssl pkcs12 -info -in test.pfx 

Enter Import Password:
MAC: sha256, Iteration 2048
MAC length: 32, salt length: 8
PKCS7 Encrypted data: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048                          <--
...
PKCS7 Data
Shrouded Keybag: PBES2, PBKDF2, AES-256-CBC, Iteration 2048, PRF hmacWithSHA256                 <--
Bag Attributes

legion151 commented 2 years ago

Can confirm for android.

chris2511 commented 1 year ago

Fixed by merging #389

chris2511 / xca

PFX unusable on MacOS #360