Inserting a P12 failed when using OpenSSL?

Description of the issue

Without a MAC and under Windows many publications or at least many different tutorials demonstrate how via OpenSSL you can create a p12 Certificate.

Then following scrupulously all the different variants or modus operandi to create its RSA key, then its CSR and download the CER or CRT file depending on the OS. Then to convert this CER (DER format) in PEM to finally finish to create the P12 with all that it must comprise inside.

All this in relation of course with the Profile that you can find in the Apple Developer Center as well as the certificates part.

But here I had to do all the variations and all the possible manipulations Bitrise accepts the Profile (and it is the good certificate pointed in every time) but when the P12 (without password) is inserted it says to me that an error appeared without really other forms of explanations besides and that I cannot insert it.

Now I do the same thing but with the Keychain tool of the Mac OS and bingo everything works it accepts the P12.

So my question: is Bitrise compatible with OpenSSL? and/or Windows for obscure reasons of formats, extensions, encoding, etc.? or is it OpenSSL that does not do at all the same thing as KeyChain in MAC and then causes this problem of insertion in Bitrise?

Thank you very much for your feedback, it will prevent me from being stubborn and understanding that without MAC it is impossible but then it should be specified in your documentation because nothing mentions it somewhere or I have not seen it :frowning:

Have a nice day.



Which build Step causes the issue and which version of the step?

Code signin – Insert a p12 file made with OpenSSL in Windows 10/11

We had the same issue.
In our case it was related to the openssl version (it was working with v1.1 but it wasn’t with version 3.1).
We solved our issue with the -legacy option, more on this: c++ - OpenSSL 3.0.2 PKCS12_parse Failure - Stack Overflow.

I hope that helps.