Bug 631000

Summary: rhel6 openssl creates PKCS#8 encoded PEM RSA private key files, nss can't read them
Product: Red Hat Enterprise Linux 6 Reporter: Dennis Gilmore <dennis>
Component: nssAssignee: Elio Maldonado Batiz <emaldona>
Status: CLOSED ERRATA QA Contact: Aleš Mareček <amarecek>
Severity: urgent Docs Contact:
Priority: high    
Version: 6.0CC: amarecek, dwmw2, ebenes, emaldona, gholms, herrold, rmeggins, rrelyea
Target Milestone: rc   
Target Release: 6.1   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: nss-3.12.9-1.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-05-19 14:03:31 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 630102    
Bug Blocks:    

Description Dennis Gilmore 2010-09-07 15:16:28 UTC 
Description of problem:

RHEL 6's openssl creates PKCS#8 encoded PEM RSA private key files.

nss can not read them,  it breaks using ssl cert auth with curl for instance.

Version-Release number of selected component (if applicable):


How reproducible:
always

Steps to Reproduce:
1. get ssl cert from FAS (Fedora Account System)
2. try and upload new sources to lookaside cache
3.
  
Actual results:
Fails with ssl error

Expected results:
sources to be uploaded

Additional info:

This has been fixed in Fedora
Comment 2 Elio Maldonado Batiz 2010-09-10 17:42:08 UTC 
(In reply to comment #0) 
> This has been fixed in Fedora
Yes, and the associated Fedora bug was cloned for RHEL-6 as
https://bugzilla.redhat.com/show_bug.cgi?id=630102
Comment 3 Elio Maldonado Batiz 2010-10-14 21:23:40 UTC 
*** Bug 614531 has been marked as a duplicate of this bug. ***
Comment 4 Elio Maldonado Batiz 2010-10-14 21:24:49 UTC 
*** Bug 630102 has been marked as a duplicate of this bug. ***
Comment 14 errata-xmlrpc 2011-05-19 14:03:31 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0692.html
Comment 15 David Woodhouse 2016-08-22 20:40:13 UTC 
Works for unencrypted PKCS#8 keys. Doesn't seem to work if they have a passphrase...