Re: convert letsencryp cert
By: phigan to Mindsurfer on Wed Apr 01 2026 12:02:16
Everything i have tried led to errors on the import of the .p12 file via
certtool.js
Are you using openssl to convert to .p12? See if it has a --legacy option that you can pass when converting.
I tried that too, adding -legacy. btw, NPM+ creates shortlived letsencrypt certficates by default. they are valid for 6 days only. Could that be an issue?
I tried so much, also worked with claude ai to figure something out.
While testing it seemed that self generated test certs could be imported successfully. Just not the ones from NPM+ letsencrypt certbot.
From my bash script (SYSPASS is pulled directly out of main.ini):
openssl pkcs12 -export -out "$P12_FILE" -inkey "$CERT_DIR/privkey.pem" -in "$CERT_DIR/fullchain.pem" -passout 'pass:$SYSPASS'
./jsexec certtool.js --import-pkcs12 "$P12_FILE"
Thats the error i mostly get. i think it means the password is wrong while trying to access the privat key.
!JavaScript /sbbs/repo/exec/certtool.js line 106: Error: Error -22 calling cryptGetPrivateKey()
I was hoping someone else had already had the exact same problem and figured out how to solve it.
Mindsurfer
---
þ Synchronet þ FuNToPiA BBS -
telnet://funtopia.synchro.net:3023 ssh:3022
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)