This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

I'm getting the following error from Wireshark:

error in column 'Password': Could not
load PKCS#12 key file: could not load
PKCS#12 in PEM format: Base64
unexpected header error.

Do I need to convert this? I tried using openssl with the following:

C:\Projects\openssl>C:\OpenSSL-Win32\bin\openssl.exe pkcs12 -in ExportedCert.pfx -nocerts -out key.pem -nodes
7736:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:.\crypto\asn1\tasn_dec.c:1198:
7736:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:.\crypto\asn1\tasn_dec.c:372:Type=PKCS12

I also tried converting it to a Base64 encoded binary format, but had trouble:

C:\Projects\openssl>C:\OpenSSL-Win32\bin\openssl.exe pkcs12 -in DEVexportcert1.pfx -out Devexportcert1.pem -nodes
7676:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:.\crypto\asn1\tasn_dec.c:1198:
7676:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:.\crypto\asn1\tasn_dec.c:372:Type=PKCS12

Is there a specific format Wireshark requires? What am I doing wrong?

asked 02 Nov '15, 09:21

justdan23's gravatar image

justdan23
6113
accept rate: 0%

edited 02 Nov '15, 09:26

Can you use openssl to check the pfx?

openssl pkcs12 -info -in ExportedCert.pfx

(02 Nov '15, 10:00) grahamb ♦

I get the same error:

C:\Projects\openssl>C:\OpenSSL-Win32\bin\openssl.exe pkcs12 -info -in ExportedCert.pfx
3100:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:.\crypto\asn1\tasn_dec.c:1198:
3100:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:.\crypto\asn1\tasn_dec.c:372:Type=PKCS12

I generated a new one with openssl and the generated one is a binary format; unlike the original one which has "BEGIN CERTIFICATE" at the top.

Wireshark liked the generated version. So I suspect this is a PEM file of only the Certificate? And not a PFX?

(02 Nov '15, 10:19) justdan23
1

pkcs#12 is a binary container. If you can read "BEGIN CERTIFICATE" then it's not a pcks#12 container.

(02 Nov '15, 16:10) Kurt Knochner ♦

Thanks! I exported the pfx from IIS and added it successfully to Wireshark.

(05 Nov '15, 12:39) justdan23
Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×319
×69
×1

question asked: 02 Nov '15, 09:21

question was seen: 7,926 times

last updated: 05 Nov '15, 12:39

p​o​w​e​r​e​d by O​S​Q​A