User profile for user: Paul_74
Paul_74 Author
User level: Level 1
42 points

Importing P12 into Keychain access fails due to incorrect password

When importing a P12/PFX file into Keychain Access in macOS 13.5 it fails with an incorrect password message. The same P12/PFX file imports successfully into Firefox. Both the private key and certificate can be extracted using openssl.


The P12 contains a private key and certificate signed using my own root CA (self signed). The P12 file is used for mutual SSL for a website which requires mutual SSL.


It looks like a recent update has broken the P12/PFX import functionality. P12s/PFXs which have already been imported are still present and work as expected.


Is anyone else having a problem? What has Apple changed? It looks like a software bug around the password handling of a P12 in macOS Keychain Access.

MacBook Air 13″

Posted on Aug 23, 2023 4:06 AM

Reply
Question marked as Top-ranking reply
User profile for user: Paul_74
Paul_74 Author
User level: Level 1
42 points

Posted on Aug 23, 2023 9:32 AM

I've resolved the problem. There are multiple versions of openssl on my MacBook. I was using a third party version to generate the P12. After switching to the /usr/bin/openssl version and regenerating the P12 the import worked.

View in context

Similar questions

2 replies

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Importing P12 into Keychain access fails due to incorrect password

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up