I am generating the pkpass files via an AWS Lambda function. So far I have been using the certificate.pem, private.key and wwdr.pem certificates with wallet-3kpy(https://github.com/pretix/wallet-py3k) library. Now, after a year, the certificate needs to be renewed. So I went through the process of generating the .p12 file in order to extract the certificate.pem and private.key out of it. The wwdr.pem I did not touch. The generation of the pkpass now fails with DecryptFail messages from openssl. I have provided openssl11 to the lambda function via a dedicated lambda layer. And for the new pkpass I used a different openssl version. Could that be the reason?
Pkpass generation fails after yearly signature renewal
178 Views Asked by YuKa At
2
There are 2 best solutions below
0
YuKa
On
I generated the private.key in the wrong way.
The correct 2 steps are:
- Create the certificate.pem with the .p12 file via:
openssl pkcs12 -in your_p12_file.p12 -out certificate.pem -nodes
- Create the private.key out of the certificate.pem via:
openssl rsa -in certificate.pem -out private.key
Together with the wwdr.pem (the apple certificate needs to be in .pem too), pkpass files can be signed via the wallet-py3k library.
Related Questions in AWS-LAMBDA
- How to get rows count from Amazon DynamoDB using Lambda AWS
- Querying DynamoDB with Lambda does nothing
- undefined is not a function after refactor
- Async AWS Lambda not executed if caller returns too early
- In amazon lambda, resizing multiple thumbnail sizes in parallel async throws Error: Stream yields empty buffer
- How to upload an object into S3 in Lambda?
- How to do image overlay and watermark using node.js in amazon lambda function
- Base64 encode UserData parameter for EC2 RunInstances using AWS Lambda
- AWS Lambda PHP Create Function with Zip
- Triggering a AWS Lambda from a form post
- Zip Files & Folders With No Base Directory
- Dynamically loading jar from arbitrary url
- AWSTask is not instantiable
- AWS Custom Authorizer with request parameters
- Parse OSM PBF in AWS Lambda and S3
Related Questions in OPENSSL
- Do I have to randomize key in OpenSSL
- SoapClient in PHP 5.6 when using HTTPS emits warning with "key values mismatch"
- Sign with private key and verify with public
- CloudSQL SSL connection error
- What is the correct way to pass the password to OpenSSL
- Ruby using wrong version of openssl
- Trying to create a certificate through openssl using shell_exec in PHP
- Decrypt Amazon Redshift CSV dump
- Generate signature using private key with OpenSSL API
- Google reCaptcha with php validation
- OpenSSL file transfer
- Verify a RSA public key in OpenSSL?
- Non-blocking SSL socket negotiation in Ruby. Possible?
- openssl_pkey_get_public return 0
- gem eventmachine fatal error: 'openssl/ssl.h' file not found
Related Questions in PASSBOOK
- ending a passbook program - HTTP response to incoming passbook requests?
- PKPASS not opennig in Passbook
- iOS Passbook not downloading from passbook scan
- Passbook with geofence
- Problems with dataStyle while creating pass for passbook
- Passbook isn't hitting .NET web service
- Does iBeacon trigger Passbook notifications even when Passbook is not running?
- Can't find my own app in ios wallet share pass list
- Passbook couldn't connect to development web service
- How to reliably determine whether Passbook is available?
- pkpass not showing in the simulator
- Detecting an installed Passbook Pass via Mobile Safari
- Why my PassBook isn't valid or outdate?
- Safari cannot download this file (Passbook Pass)
- Wrong type object for key serialNumbers in response dictionary. Expected NSArray but found __NSCFString
Related Questions in AWS-LAMBDA-LAYERS
- AWS Lambda - How to Put ONNX Models in AWS Layers
- How do I properly import modules from custom packages into an AWS Lambda function?
- AWS Lambda | Azure Python Library Intergration
- Cloudformation LayerVersion S3Bucket Using Parameter
- When importing matplotlib. I get the error: No module named 'numpy.core._multiarray_umath'
- How to setup a dynamo db trigger in AWS lambda function
- AWS lambda task timed out issue with large data while processing data from S3 bucket
- Unable to run pytest command in a lambda function on AWS
- Create a AWS Lambda layer using Docker
- Why invocation of class file in lambda layer throwing error?
- Error trying to import pysftp in Lambda: cannot import name '_bcrypt' from partially initialized module 'bcrypt' (most likely due to circular import)
- How to open a .SO file and use it in AWS Lambda Function
- How do I properly structure AWS Lambda Python Layer to avoid Import Errors?
- How to configure aws lamda to work with Puppeteer in detail, As I'm Begineer in lambda as well as puppeteer
- Unable to import module 'index': cannot import name '_imaging' from 'PIL' in AWS lambda
Related Questions in PKPASS
- Links in Apple Wallet pass not interactive
- How to update the apple passes create without webServiceURL
- Apple Keychain does not have private key to export
- How to download a pkpass file converted to base64 using HTML?
- How to create pkpass file dynamically in java?
- Is it possible to automate creation of .pkpass files for AppleWallet and AndroidWallet for multiple users?
- pkpass file open in Safari Mac but not on iPhone
- pkpass: Unknown encoding of JSON format (iOS Wallet pass file)
- Unable to download PKpass from server
- Apple wallet update card from nodejs restify from api to api request
- Consequences of the expiration of the signing certificate for a already issued PKPass file
- Unable to create NFC-Capable PKPass for Apple Wallet
- How to create a pkpass file in Visual Studio, in widows
- IOS pkpass download multiple passes at once
- Call Typescript function from within an Phoenix / Elixir GET function
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
It is possible that the key in your .p12 file doesn't match the certificate.
To check:
Extract the certificate and key (replace file.p12 with your .p12 filename). :
Get the modulus for each:
If they don't match, then you have the wrong key for your certificate.