Tranquil IT Forum

Contact us
at https://forum.tranquil.it/

[RESOLVED] Update 2.4 and personal certificate

https://forum.tranquil.it/viewtopic.php?t=3514

Page 1 of 1

[RESOLVED] Update 2.4 and personal certificate

Published: June 13, 2023 - 08:41
by corriou
Good morning,

I just upgraded from version 2.3 to version 2.4 Community (up-to-date Debian 11 server).
After updating following the official instructions, I accessed the wapt webpage and installed wapt-setup 2.4.0.14058. After some trial and error with the certificates, I finally launched the console and tried to edit a post. I received the following message:

Code: Select all

Unable to red key data.Either supplied password is wrong or not proper key data (must be PKCS#8 or PKCS#12).
I don't have a PKCS #8 or 12 file (and I never had one in previous versions), but the password is correct. I tested it by going to "Tools->Settings->Personal Certificate Path".

Do you have any leads?

Best regards,

Re: Update 2.4 and personal certificate

Published: June 13, 2023 - 12:39
by dcardon
Hello Alain,

the message is indeed not very clear. The pkcs#8 format corresponds to the historical WAPT .pem (private key) / .crt (public key) format. The pkcs#12 format corresponds to a file format where the .pem and .crt are contained within the same .p12 or .pfx file.
We plan to switch to a .p12/.pfx format in the future to prevent WAPT users from confusing the public and private keys.

That said, in your case the message is quite strange; it means that the console cannot recognize the .pem / .crt file format. What version of WAPT was your private key generated with? Was it with a very old version (like before 1.8?), as there can be differences in interpretation with OpenSSL updates.

Could you try changing the key password through the console? That should update the file format.

Regards,

Denis

Re: Update 2.4 and personal certificate

Published: June 13, 2023 - 2:38 PM
by corriou
I just changed the password. Everything went smoothly when I entered the old password. I restarted the console and... I get the same message.
The key is indeed very old, probably created during Wapt version 1.5. For your information, the .p12 file is not created when the password is changed.
I currently see two avenues to explore further:
  • Create the file using the command line from the two .pem and .crt files, but there may be specific options to specify for this creation
  • create a new private key, but I haven't looked closely at what that would entail
I tried the first solution without success (I get the same message):

Code: Select all

openssl pkcs12 -export -out wapt-private.p12 -in wapt-private.crt -inkey wapt-private.pem

[RESOLVED] Update 2.4 and personal certificate

Published: June 20, 2023 - 10:48
by corriou
I ended up generating a new key, re-signing the packages, and generating a new agent. It's working again

Re: [RESOLVED] Update 2.4 and personal certificate

Published: June 20, 2023 - 5:10 PM
by dcardon
Thanks for the feedback, Alain :-)
Denis
Time zone set to UTC+02:00
Page 1 of 1

Developed by phpBB® Forum Software © phpBB Limited

Official French translation © Qiaeru