RejZoR

Level 10
Verified
I don't get it, I'm trying to import my banking certificate from backup medium like billion times before, I do that, enter password and it says the password is wrong. I even used a password cracking tool on the certificate and it says the password is exactly what I was trying to type in as password. So, why the hell is even password cracking tool agreeing with me, but browsers keep on bitching that password is wrong even though t's not. WTF?! I've tried in Edge, Firefox and Opera. What the hell is going on?
 
Reactions: upnorth

RejZoR

Level 10
Verified
Enter password exactly where?
When you try to import the certificate into browser. Like billion times before. I was typing in the password for certificate like an idiot and it keeps on saying the password is incorrect even though it is correct.
 
Reactions: upnorth

RejZoR

Level 10
Verified
I frankly don't understand any of it. I already have a certificate. It used to work, but now out of the blue it's bitching in all browsers that password for it is incorrect even though it IS correct. It's stupid. How can a correct password be incorrect one at teh same time? Were there some new changes to browsers that reject a certificate all of a sudden?

I've somehow managed to import it into Windows Cert Store by double clicking it and it accepted the password, then I've exported it via Opera again, tried to import it via Firefox and it's bitching again. What the hell?
 
Last edited:
Reactions: upnorth

RejZoR

Level 10
Verified
I just found out the reason. If I export the certificate and encrypt it using AES256, it'll be failing to import through all browsers. If I export it using only TripleDES encryption, it works fine. Why the hell is it offering me AES256 during exporting if it's apparently some exotic unsupported encryption for .pfx file? The hell!?

If that happens, you need to import .pfx file into Windows Certificate Store by double clicking it and it will accept even AES256 encrypted .pfx file. Then you export it via Opera which uses same store to parse the certificates, then export it and make sure you DON'T use AES256 encryption. Use TripleDES. Then it'll work in all browsers again. Bizarre. Like usual with anything I do... One would expect AES256 for certificates to be widely supported given how standard this encryption is opposed to TripleDES which has been replaced by AES256 ages ago afaik. Hm.