How do I use a P7B file with Ubuntu?

Question

Excuse my poor English and my ignorance about Ubuntu and Linux world in general.

I just received a .p7b file in order to connect with a private site through HTTPS. Using MS Windows, I just have to double-click that file and install it, but doing that with Ubuntu pops up a window where I could see all the details of certificate, then there were two buttons: "Close", that is the only one I can press, and "Import", that is gray and therefore useless.

So I searched around the Internet for a solution, then copied the .p7b file in /usr/local/share/ca-certificates/ and ran update-ca-certificates with root permission. Nonetheless, if I tried to connect that site, Chrome gives me a NET::ERR_CERT_AUTHORITY_INVALID. If I run againt update-ca-certificates, output is still the same it was the first time:

Updating certificates in /etc/ssl/certs...
7 added, 7 removed; done.
Running hooks in /etc/ca-certificates/update.d...

Adding debian:Entrust.net_Secure_Server_CA.pem
Adding debian:GTE_CyberTrust_Global_Root.pem
Adding debian:RSA_Root_Certificate_1.pem
Adding debian:Thawte_Premium_Server_CA.pem
Adding debian:Thawte_Server_CA.pem
Adding debian:ValiCert_Class_1_VA.pem
Adding debian:ValiCert_Class_2_VA.pem
Removing debian:Entrust.net_Secure_Server_CA.pem
Removing debian:GTE_CyberTrust_Global_Root.pem
Removing debian:RSA_Root_Certificate_1.pem
Removing debian:Thawte_Premium_Server_CA.pem
Removing debian:Thawte_Server_CA.pem
Removing debian:ValiCert_Class_1_VA.pem
Removing debian:ValiCert_Class_2_VA.pem
done.
done.

Then I'm totally stuck... can you help me please? Thanks!

Related thread on serverfault. – mchid Jul 01 '21 at 07:24 — mchid, Jul 01 '21 at 07:24

score 3 · Answer 1 · answered Jan 28 '21 at 20:42

I have faced a similar situation, may be this helps. I have received a certificate in .p7b format. First, I converted it into .pem format. Then, I imported it into Firefox (or your browser). After that, I could access my application using that certificate.

Now, in order to convert a .p7b into .pem do as follows.

openssl pkcs7 -inform der -in yourCert.p7b -print_certs -out yourCert.pem

Hope this helps.

score 0 · Answer 2 · answered Dec 04 '15 at 23:15

0

You need to import the certificate in your browser of choice. In chrome, you can find this under advanced settings -> manage certificates -> import your certificate.

answered Dec 04 '15 at 23:15

psusi

37,551

1

Thank you, but it did not work because Chrome (my version at least, that is the last update) only accepts PKCS #12 certificates, while it seems to be a PKCS #7 (whatever it means... I don't know much about SSL). I tried to convert it using: openssl pkcs7 -in certnew256.p7b -print_certs -out certnew256.pem but the result was unable to load PKCS7 object 140670274774672:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:701:Expecting: PKCS7 ... and then I'm stuck again :( – Carcarlo Pravettoni Dec 08 '15 at 00:14
1

A p7 (certificate) is different from a p12 (key). You cannot convert one to the other. – user535733 May 28 '19 at 11:19

How do I use a P7B file with Ubuntu?

2 Answers2

Related