Error reading Certificates.p12 file of algorithm is "unsupported"

[bjenkinsgit]

I'm really new to Rust, so please forgive me if I'm making a newbie mistake. I installed your crate into a test project and used your example code to try to create a signed pass and get the following error:

thread 'main' panicked at 'called Result::unwrap() on an Err value: Custom { kind: Other, error: ErrorStack([Error { code: 50856204, library: "digital envelope routines", function: "inner_evp_generic_fetch", reason: "unsupported", file: "crypto/evp/evp_fetch.c", line: 341, data: "Global default library context, Algorithm (RC2-40-CBC : 0), Properties ()" }]) }', src/main.rs:55:6
stack backtrace:
0: rust_begin_unwind
at /rustc/8ede3aae28fe6e4d52b38157d7bfe0d3bceef225/library/std/src/panicking.rs:593:5
1: core::panicking::panic_fmt
at /rustc/8ede3aae28fe6e4d52b38157d7bfe0d3bceef225/library/core/src/panicking.rs:67:14
2: core::result::unwrap_failed
at /rustc/8ede3aae28fe6e4d52b38157d7bfe0d3bceef225/library/core/src/result.rs:1651:5
3: core::result::Result<T,E>::unwrap
at /rustc/8ede3aae28fe6e4d52b38157d7bfe0d3bceef225/library/core/src/result.rs:1076:23
4: mypass::main
at ./src/main.rs:49:5
5: core::ops::function::FnOnce::call_once
at /rustc/8ede3aae28fe6e4d52b38157d7bfe0d3bceef225/library/core/src/ops/function.rs:250:5
note: Some details are omitted, run with RUST_BACKTRACE=full for a verbose backtrace.

[JoepdeJong]

I experienced the same problem on my M2 macbook. It seems that apple uses LibreSSL instead of OpenSSL, which exports the .p12 certs with an old encryption. I fixed it by installing OpenSSL using brew, exporting the keys from the .p12 to a .pem using the legacy flags, and then saving them again to .p12 with new encryption:

brewopenssl pkcs12 -in cert.p12 -out cert.pem -legacy
brewopenssl pkcs12 -export -out cert2.p12 -inkey cert.pem -in cert.pem

make sure to replace brewopenssl with your (brew) openssl path.