I have a PKCS#12 certificate that I would like to import into my MikroTik router, but it simply fails with “decryption-failures: 1” and nothing else.
I know the passphrase is correct, because I wrote it myself and am able to install the certificate on my windows computer without issue.
I have been searching around on the forum, I see a number of people asking about it but no answers.
The manual also doesn’t seem to say anything about importing certificates and which filetypes are supported.
[admin@MK] > certificate
[admin@MK] /certificate> import file-name=ca.p12 passphrase=1234
certificates-imported: 0
private-keys-imported: 0
files-imported: 0
decryption-failures: 1
keys-with-no-certificate: 0
[admin@MK] /certificate>
The http://wiki.mikrotik.com/wiki/OpenVPN page seems to have a lot more examples about how to import a certificate, but again no real information.
I managed to import the certificate by… well… I actually didn’t manage to import the PKCS#12 certificate, I had to instead use a PEM certificate.
[admin@MK] > certificate
[admin@MK] /certificate> import file-name=ca.pem passphrase=1234
certificates-imported: 1
private-keys-imported: 0
files-imported: 1
decryption-failures: 0
keys-with-no-certificate: 0
[admin@MK] /certificate> import file-name=ca.pem passphrase=1234
certificates-imported: 0
private-keys-imported: 1
files-imported: 1
decryption-failures: 0
keys-with-no-certificate: 0
[admin@MK] /certificate>
Yes, I had to use the same command twice. I don’t know why it can’t do this in one go, and it is VERY confusing that it doesn’t.
The http://wiki.mikrotik.com/wiki/Manual:Create_Certificates article does mention how to import a certificate, but I wouldn’t have expected to find instructions on how to import a certificate in an article titled “Create Certificates”.
Either way, would still love some information added to the wiki about which file types are supported, and maybe some examples like I wrote above.