631000 – rhel6 openssl creates PKCS#8 encoded PEM RSA private key files, nss can't read them

Bug 631000 - rhel6 openssl creates PKCS#8 encoded PEM RSA private key files, nss can't read them

Summary: rhel6 openssl creates PKCS#8 encoded PEM RSA private key files, nss can't rea...

Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	nss
Sub Component:	(Show other bugs)
Version:	6.0
Hardware:	All
OS:	Linux
Priority:	high
Severity:	urgent
Target Milestone:	rc
Target Release:	6.1
Assignee:	Elio Maldonado Batiz
QA Contact:	Aleš Mareček
Docs Contact:
URL:
Whiteboard:
Keywords:
Duplicates (2):	614531 630102 (view as bug list)
Depends On:	630102
Blocks:
TreeView+	depends on / blocked

Reported:	2010-09-07 15:16 UTC by Dennis Gilmore
Modified:	2016-08-22 20:40 UTC (History)
CC List:	8 users (show)
Fixed In Version:	nss-3.12.9-1.el6
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2011-05-19 14:03:31 UTC
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2011:0692	normal	SHIPPED_LIVE	nspr, nss, nss-softokn, and nss-util bug fix and enhancement update	2011-05-19 09:37:17 UTC

Description Dennis Gilmore 2010-09-07 15:16:28 UTC

Description of problem:

RHEL 6's openssl creates PKCS#8 encoded PEM RSA private key files.

nss can not read them,  it breaks using ssl cert auth with curl for instance.

Version-Release number of selected component (if applicable):


How reproducible:
always

Steps to Reproduce:
1. get ssl cert from FAS (Fedora Account System)
2. try and upload new sources to lookaside cache
3.
  
Actual results:
Fails with ssl error

Expected results:
sources to be uploaded

Additional info:

This has been fixed in Fedora

Comment 2 Elio Maldonado Batiz 2010-09-10 17:42:08 UTC

(In reply to comment #0) 
> This has been fixed in Fedora
Yes, and the associated Fedora bug was cloned for RHEL-6 as
https://bugzilla.redhat.com/show_bug.cgi?id=630102

Comment 3 Elio Maldonado Batiz 2010-10-14 21:23:40 UTC

*** Bug 614531 has been marked as a duplicate of this bug. ***

Comment 4 Elio Maldonado Batiz 2010-10-14 21:24:49 UTC

*** Bug 630102 has been marked as a duplicate of this bug. ***

Comment 14 errata-xmlrpc 2011-05-19 14:03:31 UTC

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0692.html

Comment 15 David Woodhouse 2016-08-22 20:40:13 UTC

Works for unencrypted PKCS#8 keys. Doesn't seem to work if they have a passphrase...

Note You need to log in before you can comment on or make changes to this bug.