Password incorrect error when importing a PKCS#12 generated by RSA Certificate Manager on Microsoft Internet Explorer
Originally Published: 2010-10-07
Article Number
Applies To
RSA Version/Condition: 6.7
Platform: Microsoft Windows 2003 Server
Platform (Other): Microsoft Internet Explorer
Issue
Attempting to import a PKCS#12 (containing a certificate and the corresponding private key) with correct password shows the following error on Microsoft Internet Explorer:
Certificate Import Wizard The password you entered is incorrect. [OK]
Cause
-----BEGIN CERTIFICATE AND KEY----- MIIJQgIBAzCCCPwGCSqGSIb3DQEHAaDDDO0EggjpMGGG5TcccOEGCSqGSIb3DQHE BaCCCNIEggjOMIIIyjCCBTYGCyqGSIb34444CgECoIIE7TCCBOkwGwYKKoZIhvNc QAwBAzANBAhQKeJPs5nU6gIBAQSCBMitmGLFyeU3EXTJ8W86fBFOhQ/J8rsH0V5S ..... ..... -----END CERTIFICATE AND KEY-----
A PEM-formatted PKCS#12 with header/footer fails to import into Microsoft Internet Explorer. Internet Explorer accepts DER-encoded PKCS#12 object for importing.
Resolution
- Remove header and footer (that look like the following) from PEM-formatted PKCS#12 and save to a file (for examle "myp12.pfx"):
-----BEGIN CERTIFICATE AND KEY----- -----END CERTIFICATE AND KEY-----
- Run the following openssl command to convert PEM-formatted PKCS#12 into DER-encoded file:
openssl base64 -d -a -in myp12.pfx -out myp12inDER.pfx
- Now import myp12inDER.pfx into Internet Explorer, which should succeed.
Notes
The PKCS#12 was generated on RSA Certificate Manager Admin Interface -> CA Operations Workbench -> View a software-based CA -> click on 'Export to PKCS#12' button and provide a password to protect the PKCS#12.
Related Articles
Email and log file timestamps are incorrect in RSA Identity Governance & Lifecycle Number of Views Cloud Administration FIDO Authenticator API Number of Views RSA Governance & Lifecycle LDAP Novell eDirectory Connector Guide Number of Views Recommendations on undocumented WebSphere or WebLogic parameters for use with RSA Identity Governance and Lifecyle Number of Views RSA Certificate Manager security vulnerabilities for Apache - False Positives (CVE-2011-3368 / CVE-2012-0053 / CVE-2013-18… Number of Views
Trending Articles
Downloading RSA Authentication Manager license files or RSA Software token seed records RSA Release Notes for RSA Authentication Manager 8.8 RSA Authentication Manager 8.9 Release Notes (January 2026) Download RSA SecurID Access Cloud User Event audit logs using Cloud Administration REST API CLU RSA SecurID Software Token 5.0.2 for Windows Desktop displays message after reboot due to roaming profile: No token stor…
Don't see what you're looking for?
