EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Exporting to PFX file: result not usable by windows

Also by EldoS: Callback File System
Create virtual file systems and disks, expose and manage remote data as if they were files on the local disk.
Posted: 07/04/2006 09:10:18
by Stephane Grobety (Priority Standard support level)
Joined: 04/18/2006
Posts: 165


I have self-signed X509 certificates stored in a database (two blobs, on encrpyted password field).

I want to allow the user to export the certificate in PFX format and include the private key.

I have code that works like this:

Certificate.LoadKeyFromStreamPEM(keyDataBLOB, KeyPasswordField);
FileStream := TFileStream.Create(FileName, fmCreate or fmShareExclusive);
  FileStream.Position := 0;
  FileStream.Size := 0;
  if Certificate.SaveToStreamPFX(FileStream, '', SB_ALGORITHM_PBE_SHA1_3DES, SB_ALGORITHM_PBE_SHA1_RC4_128) <> 0 then
            ShowMessage('Error saving certificate to PFX file');

This seems to work, but when I try to load the resulting PFX file (that is, when I double-click on it), the windows wizard never let me pass the key password.

I have tried assigning a different password to the SaveToStreamPFX call: nothing changes.

What am I doing wrong ?
Posted: 07/04/2006 09:21:26
by Ken Ivanov (EldoS Corp.)

Windows cryptographic providers do not understand RC4/128 bit cipher. Please consider using 40-bit cipher (e.g., SB_ALGORITHM_PBE_SHA1_RC2_40) instead.
Posted: 07/04/2006 09:47:57
by Stephane Grobety (Priority Standard support level)
Joined: 04/18/2006
Posts: 165

fast, clear, to the point and exact answer: I couldn't ask for better support :)

Thanks a lot: it works now.



Topic viewed 2961 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!