Attempting to extract a .pfx file in vCenter 8.x fails with error: "Error verifying PKCS12 MAC no PKCS12KDF support"
search cancel

Attempting to extract a .pfx file in vCenter 8.x fails with error: "Error verifying PKCS12 MAC no PKCS12KDF support"

book

Article ID: 401847

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

  • A .pfx file has been provided by the Certificate Authority to install Custom CA certificates to the vCenter.

  • When attempting to extract the .crt and .key from the file using an OpenSSL command we receive the following error:
    Error verifying PKCS12 MAC; no PKCS12KDF support.

Environment

vCenter Server 8.0.3

Resolution

PKCS12KDF is not FIPS compliant and not supported in OpenSSL 3.0.x the vCenter Server 8.0.3 is using.

Reach out to OpenSSL community for more information.

Additional Information

Powered by Wolken Software