Hello,<br>I have this keyfile that I use with the old SSL implementation and it works fine with this code:<br><br>-module(ssl_test).<br>-export([connect/0]).<br><br>connect() -><br>        ssl:start(),<br><br>        Address = "<a href="http://gateway.sandbox.push.apple.com" target="_blank">gateway.sandbox.push.apple.com</a>",<br>

        Port = 2195,<br>        CaCert = "entrust_root_certification_authority.pem",<br>        Cert = "server_cerificates_bundle_sandbox.pem",<br>        Key = "server_cerificates_bundle_sandbox.pem",<br>

<br>        Options = [{cacertfile, CaCert}, {certfile, Cert}, {keyfile, Key}, {mode, binary}, {ssl_imp, old}],<br>        Timeout = 1000,<br>        ssl:connect(Address, Port, Options, Timeout).<br><br><br>However, when I try to use the new ssl implementation, I get this:<br>

<br>[root@ipx029 erlang]# erl<br>Erlang R15B (erts-5.9) [source] [64-bit] [smp:2:2] [async-threads:0] [hipe] [kernel-poll:false]<br><br>Eshell V5.9  (abort with ^G)<br>1> ssl_test:connect().<br>{error,ekeyfile}<br>2> <br>

=ERROR REPORT==== 4-Mar-2012::12:08:29 ===<br>SSL: 1093: error:[{'RSAPrivateKey',<< .... >>,<br>                                   not_encrypted},<br>                  {'RSAPrivateKey',<< .... >>,<br>

                                   not_encrypted}] server_cerificates_bundle_sandbox.pem<br>  [{ssl_connection,init_private_key,5,<br>                   [{file,"ssl_connection.erl"},{line,1085}]},<br>   {ssl_connection,ssl_init,2,[{file,"ssl_connection.erl"},{line,1027}]},<br>

   {ssl_connection,init,1,[{file,"ssl_connection.erl"},{line,305}]},<br>   {gen_fsm,init_it,6,[{file,"gen_fsm.erl"},{line,343}]},<br>   {proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,227}]}]<br>

<br><br>The server_cerificates_bundle_sandbox.pem file has this format:<br><br>Bag Attributes<br>    friendlyName: XXXXXXXX<br>    localKeyID: XXXXXX<br>subject=XXXXXXX<br>issuer=XXXXXXX<br>-----BEGIN CERTIFICATE-----<br>
XXXXXXXXXX<br>
-----END CERTIFICATE-----<br>Bag Attributes<br>    friendlyName: XXXXXX<br>    localKeyID: XXXXXX                                                     <br>subject=XXXXXXXXXX<br>issuer=XXXXXXXXX<br>-----BEGIN CERTIFICATE-----<br>

XXXXXXXXXXXX<br>-----END CERTIFICATE-----<br>Bag Attributes<br>    friendlyName: XXXXXXXXX<br>    localKeyID: XXXXXXXX<br>Key Attributes: <No Attributes><br>-----BEGIN RSA PRIVATE KEY-----<br>XXXXXXXXXXXXX<br>-----END RSA PRIVATE KEY-----<br>

Bag Attributes<br>    friendlyName: XXXXXXXXXXX<br>    localKeyID: XXXXXXXXXXX<br>Key Attributes: <No Attributes><br>-----BEGIN RSA PRIVATE KEY-----<br>XXXXXXXXXXXXX<br>-----END RSA PRIVATE KEY-----<br><br>So is this format supported by the new ssl implementation? Is this a bug?<br>

Or should I somehow convert this to a different format?<br><br>regards,<br>Takeshi<br>                             <br><br><br><br>