Endpoint Encryption

 View Only
  • 1.  Windows Server 2008 R2 64-bit issue

    Posted Jan 03, 2012 11:16 PM

    Hi, I have installed a licensed copy of PGP Command Line 10.2 64-bit on Windows Server 2008 R2 64-bit. I tried to import an existing .p12 certificate into the keyring using --import command, but the cmd window output only shows:

    'Acquiring entropy from system state....done'

    'Generating bundle key'

    'progress...'

    And then PGP terminates and control is returned. No error message was thrown. However when I run the same --import command with a 32 bit copy of PGP CL 10.2, the import works successfully. I tested with another 64-bit machine just to be sure and got the same result.

    Is there any settings for the PGPSDK that I must set in order for the 64-bit version of PGP CL to work?

    Thanks



  • 2.  RE: Windows Server 2008 R2 64-bit issue

    Posted Jan 04, 2012 01:48 AM

    When you say that you tried the 32-bit version and it worked, you mean that you installed it on the same 64-bit R2 system that was showing the problem?

    We haven't seen this issue.  Does it only happen with this P12 import?  Or do you also see it if you generate a new key?



  • 3.  RE: Windows Server 2008 R2 64-bit issue

    Posted Jan 04, 2012 03:39 AM

    Yes I installed the 32-bit version on the same 64-bit R2 system as well as another machine, and in both cases I use the same key. This key is imported successfully in the 32-bit version of PGP CL. I generated this key using openssl by the way, since I use the same key for other software too.

    If I generate a new key using 64-bit PGP CL, it works successfully.



  • 4.  RE: Windows Server 2008 R2 64-bit issue

    Posted Jan 04, 2012 10:52 AM

    Examples in Command Line User´s guide:


    pgp --import key.p12 --wrapper-key --passphrase <p12pass>


    Imports file "key.p12" as a wrapper key. The passphrase to the PKCS-12 private
    key is provided.


    pgp --import key.p12 --passphrase <p12pass> --new-passprhase
    "0b*Sm1t4"


    pgp --import encrypt.p12 --passphrase <p12pass> --newpassphrase
    "B0b*Sm1t4"


    In a two-step process, imports file key.p12 as a bundle key that includes a signing
    and encryption subkey.


    pgp --import key.p12 --passphrase <p12pass> --new-passprhase
    "B0b*Sm1t4"


    pgp --import encrypt.p12 --passphrase <p12pass> --newpassphrase
    "B0b*Sm1t4" --local-user <existingbundlekeyID>


    In a two-step process, imports the file key.p12 and adds the certificate to an
    existing bundle key.

    You should try options and parameters.

    Use --debug to see more information on the process of importing



  • 5.  RE: Windows Server 2008 R2 64-bit issue

    Posted Jan 04, 2012 11:22 AM

    Can you reliably reproduce this problem with other openssl generated keys?  If so, can you share the process you are using to generate the keys and certs (key size, cert data, etc.) so we can try and reproduce it here?

    Thanks,



  • 6.  RE: Windows Server 2008 R2 64-bit issue

    Posted Jan 04, 2012 11:27 AM

    Well that kind of troubleshooting will take some time . please open a new case:

    Contact Technical Support at (800) 342-0652 or submit your case online at https://mysupport.symantec.com