I am generating the pkpass files via an AWS Lambda function. So far I have been using the certificate.pem, private.key and wwdr.pem certificates with wallet-3kpy(https://github.com/pretix/wallet-py3k) library. Now, after a year, the certificate needs to be renewed. So I went through the process of generating the .p12 file in order to extract the certificate.pem and private.key out of it. The wwdr.pem I did not touch. The generation of the pkpass now fails with DecryptFail messages from openssl. I have provided openssl11 to the lambda function via a dedicated lambda layer. And for the new pkpass I used a different openssl version. Could that be the reason?
Pkpass generation fails after yearly signature renewal
179 Views Asked by YuKa At
2
There are 2 best solutions below
0
YuKa
On
I generated the private.key in the wrong way.
The correct 2 steps are:
- Create the certificate.pem with the .p12 file via:
openssl pkcs12 -in your_p12_file.p12 -out certificate.pem -nodes
- Create the private.key out of the certificate.pem via:
openssl rsa -in certificate.pem -out private.key
Together with the wwdr.pem (the apple certificate needs to be in .pem too), pkpass files can be signed via the wallet-py3k library.
Related Questions in AWS-LAMBDA
- Query parameter works fine with fastapi application when tested locally but not working when the FastAPI application is deployed on AWS lambda
- Lambda endpoint for the Google OAuth callback does not recieve the access_token
- Golang lambda upload image into s3 static website
- Unable to run Bash Script using AWS Custom Lambda Runtime
- Call an External API from AWS Lambda
- AWS Lambda Trigger For Same S3 File Name In Quick Succession
- Trouble Extracting Request Body in Flask-Lambda Application Deployed on AWS Lambda via AWS SAM
- S3 pre-signed url not working on whatsapp cloud Api
- 'Load failed' error when trying to create a function in AWS lambda
- Using Python CDK to bundle dotnet 8 code to AWS Lambda function
- AWS WebSocket API return forbidden (403) error when sending message
- Pass integer value in json serializable Python Object
- AWS Lambda successfully called with 'Function URL', but not with 'API Gateway'
- How do I create a *clean* AWS lambda function in python?
- Laravel Vapor Queue Dynamic DB Connection Issue for Different Requests
Related Questions in OPENSSL
- openssl: EVP_PKEY_derive failure
- Python SSL Error , Server side - Client certificate verify failing with Intermediate cert - self-signed certificate in certificate chain (_ssl.c:1007)
- Why/How does Apache auto-include "DHE" TLS1.2 ciphers while nginx needs "dhparams" file?
- OpenSSL3.0 RSA Signature Verification in C
- ESP8266 - Unable to connect to MQTT Server via SSL (mutual authentication)
- CherryPy SSL Built-in Adapter Causing Port Contention with Netcat
- Cannot Load OpenSSL in IIS
- Flutter SecureSocketServer transfer
- openssl pbkdf2 and perl
- OpenSSL with C++ app - getting undefined references during compilation
- Restore sha-1 certificate fingerprint on OpenSSL without setting security level to zero
- SSL for PostgreSQL connection nodejs and express to conection on render host service
- Decrypt ruby DES-EDE3-CBC encrypted data in Python
- Recursively calculate SHA256 sum of all files in directory using OpenSSL
- Deterministic CTR_DRBG in OpenSSL
Related Questions in PASSBOOK
- ending a passbook program - HTTP response to incoming passbook requests?
- PKPASS not opennig in Passbook
- iOS Passbook not downloading from passbook scan
- Passbook with geofence
- Problems with dataStyle while creating pass for passbook
- Passbook isn't hitting .NET web service
- Does iBeacon trigger Passbook notifications even when Passbook is not running?
- Can't find my own app in ios wallet share pass list
- Passbook couldn't connect to development web service
- How to reliably determine whether Passbook is available?
- pkpass not showing in the simulator
- Detecting an installed Passbook Pass via Mobile Safari
- Why my PassBook isn't valid or outdate?
- Safari cannot download this file (Passbook Pass)
- Wrong type object for key serialNumbers in response dictionary. Expected NSArray but found __NSCFString
Related Questions in AWS-LAMBDA-LAYERS
- AWS Lambda - How to Put ONNX Models in AWS Layers
- How do I properly import modules from custom packages into an AWS Lambda function?
- AWS Lambda | Azure Python Library Intergration
- Cloudformation LayerVersion S3Bucket Using Parameter
- When importing matplotlib. I get the error: No module named 'numpy.core._multiarray_umath'
- How to setup a dynamo db trigger in AWS lambda function
- AWS lambda task timed out issue with large data while processing data from S3 bucket
- Unable to run pytest command in a lambda function on AWS
- Create a AWS Lambda layer using Docker
- Why invocation of class file in lambda layer throwing error?
- Error trying to import pysftp in Lambda: cannot import name '_bcrypt' from partially initialized module 'bcrypt' (most likely due to circular import)
- How to open a .SO file and use it in AWS Lambda Function
- How do I properly structure AWS Lambda Python Layer to avoid Import Errors?
- How to configure aws lamda to work with Puppeteer in detail, As I'm Begineer in lambda as well as puppeteer
- Unable to import module 'index': cannot import name '_imaging' from 'PIL' in AWS lambda
Related Questions in PKPASS
- Passkit-generator library created an invalid .pkpass file despite inputs being (seemingly correct)
- How to Modify Font/Image Size and Hide Info Icon in PKPass?
- Apple Wallet / PkPass File Error: "Safari Cannot Download This File"
- How to work with a "MIME type .pkpass file binary stream," or rather, how to send it as a response to the client and download it
- How to update the apple passes create without webServiceURL
- Links in Apple Wallet pass not interactive
- Download Pkpass file and display in Swift
- Chrome is not rendering/previewing Apple pass whereas Safari previewing the pass when I click the download link
- Pkpass generation fails after yearly signature renewal
- Add pass to Apple Wallet in React Native
- Is it possible to test NFC pass functionality on a device without having an NFC certificate?
- How to create a pkpass file in Visual Studio, in widows
- Unable to create NFC-Capable PKPass for Apple Wallet
- How to download a pkpass file converted to base64 using HTML?
- pkpass not downloading on physical iOS device
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
It is possible that the key in your .p12 file doesn't match the certificate.
To check:
Extract the certificate and key (replace file.p12 with your .p12 filename). :
Get the modulus for each:
If they don't match, then you have the wrong key for your certificate.