How do I create a private key when I have a certificate in a PKCS12 file?

I have client certificates for my email addresses from cacert.org and I have successfully stored themn as PKCS12 files and used them to sign emails in Thunderbird.

However, when someone uses my signed emails to send me an encrypted response, I can't decrypt them. Thunderbird tells me I have no private key, and come to think of it, I never made one in the process. Although, it would seem strange to me if the CA would send me the private key, that seems a bit unlikely.

Since only I can make the private key, and since the CA gives me the certificate, how do I create a matching key for the cert? What strikes me as weird is that I really shouldn't be able to do it this way, I think. Shouldn't I have a private-public key pair and have my public key certified?

I'm on Linux (Ubuntu Precise), and I have used ssh-keygen and openssl before, in different contexts. A general explanation that extends to more than just my setup would be appreciated.

Hanno Fietz

Posted 2013-03-20T18:06:36.590

Reputation: 1 045

How did you generate the certificate requests? You most likely generated the private key at that time. (And it's most likely in the PKCS12 file.) – David Schwartz – 2013-03-20T18:24:27.987

@David Hmmm. That seems plausible, but a) I can't remember doing it, and b) I'm pretty sure if I ever had one, I don't have it anymore. I'll try to create a new certificate and see what happens. If it's in the PKCS12 file, can I verify that? And wouldn't Thunderbird have imported it from the file, like it did with the certificate? – Hanno Fietz – 2013-03-20T18:26:04.420

Answers

You can extract the private key from the PKCS#12 file with this command:

openssl pkcs12 -nocerts -nodes < MyPKCS12file.p12 > myKeyFile.pem

David Schwartz

Posted 2013-03-20T18:06:36.590

Reputation: 58 310

Thanks. That sure produces a private key. So now to find out why Thunderbird does not use it. – Hanno Fietz – 2013-03-20T18:31:55.980

But that means the CA sent me the private key over the web. (and it has been in possession of my private key, at least at one point in time.) Isn't that defeating the purpose of the whole asymmetric crypto idea? – Hanno Fietz – 2013-03-20T18:33:42.470

Did the CA send you the PKCS#12 file? Are you sure your browser didn't make it? (Or whatever tool you were using.) – David Schwartz – 2013-03-20T18:36:03.823

I installed the certificate via the CA's website into Firefox, then exported a .p12 file. This means the certificate was ready before Firefox even knew of it (I had the CA create it by going to their website using Chrome). I don't see what should keep anybody else from using the same route. OTOH, it won't help decrypting emails addressed to me :P – Hanno Fietz – 2013-03-20T18:42:48.193

1@HannoFietz: Most likely, a program running locally inside your browser generated the P12 file, combining the cert from the CA with they key that was locally generated and never sent to the CA. But for high-security applications, I recommend not using any scheme you can't directly control to assure yourself that you generated the key and it never leaked. – David Schwartz – 2013-03-20T18:48:51.430