The solution provided by the above thread (https://developer.apple.com/forums/thread/697030?login=true#:~:text=Thanks%20to%20Quinn,be%20Apple%2Dcompatible) is not working for me. java version "1.8.0_341" Java(TM) SE Runtime Environment (build 1.8.0_341-b10) Java HotSpot(TM) 64-Bit Server VM (build 25.341-b10, mixed mode) macos 13.0.1

any suggestions here?

Still failing used the apple development certificate(from keychain access) my code. the certificate is protected with alogs: pbeWithSHA1And3-KeyTripleDES-CBC pbeWithSHA1And40BitRC2-CBC in openssl PKCS12_create used the above algos for creating PKCS12. which is further passed to SecPKCS12Import attaching my code below: BIO* createPKCS12fromPKCS12(const unsigned char* data, long dataLength, char* originalPassphrase, char* newPassphrase) { OSSL_PROVIDER legacy = OSSL_PROVIDER_try_load(NULL, "legacy", 1); OSSL_PROVIDER defaultProvider = OSSL_PROVIDER_try_load(NULL, "default", 1); int nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; int nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC; BIO bp = BIO_new_mem_buf(data, (int)dataLength); PKCS12 originalPKCS12 = NULL; d2i_PKCS12_bio(bp, &originalPKCS12); BIO_free(bp); EVP_PKEY* privateKey; X509* x509; STACK_OF(X509)* caChain = NULL; PKCS12_parse(originalPKCS12, originalPassphrase, &privateKey, &x509, &caChain); PKCS12_free(originalPKCS12); //  printf("%d", nid_key); //  printf("%d", nid_cert); PKCS12* newPKCS12 = PKCS12_create(newPassphrase, "SAP Identity", privateKey, x509, caChain, nid_key, nid_cert, 0,\ PKCS12_DEFAULT_ITER, 0); unsigned long a = ERR_get_error(); printf("%lu", a); EVP_PKEY_free(privateKey); X509_free(x509); sk_X509_free(caChain); BIO* mem = NULL; int verify = PKCS12_verify_mac(newPKCS12, newPassphrase, 0); printf("%d", verify); if (newPKCS12 != NULL) { mem = BIO_new(BIO_s_mem()); i2d_PKCS12_bio(mem, newPKCS12); PKCS12_free(newPKCS12); } return mem; }\ public func obtainUserIdentity(completionHandler: @escaping (Data?, Error?) -> Void) {     logger.debug("Called: obtainUserIdentity(completionHandler:)") let data = try Data(contentsOf: fileURL) // fileurl i spath of p12 file \     guard let pkcs12Data = OpenSSLHelperProxy.shared.createPKCS12fromPKCS12Data(data, passp\hraseOriginal: passphrase, passphraseNew: "") else { logger.error("Create PKCS #12 from PKCS #12 data failed") completionHandler(nil, IdentityError.failedToCreateIdentity) return } completionHandler(pkcs12Data, nil) } \ -(NSData* _Nullable)createPKCS12fromPKCS12Data:(NSData* _Nonnull)PKCS12Data passphraseOriginal:(NSString* _Nonnull)passphraseOriginal passphraseNew:(NSString* _Nonnull)passphraseNew {/   BIO* mem = createPKCS12fromPKCS12([PKCS12Data bytes], [PKCS12Data length], (char*)[passphraseOriginal UTF8String], (char*)[passphraseNew UTF8String]);/   NSData* data = [OpenSSLHelperProxy NSDataFromBIO:mem];/   return data;/ }/ / +(NSData*)NSDataFromBIO:(BIO*)mem {/   NSData* data = nil;/   if (mem != NULL) {/     char* ptr = NULL;/     /     size_t size = BIO_get_mem_data(mem, &ptr);/     data = [NSData dataWithBytes:ptr length:size];/     BIO_free(mem);/   }/   return data;/ }/ / this Data is sent to SecPKCS12Import(pkcs12Data as CFData, query as CFDictionary, &items) which isthrowingg error

hi, sharing a project to reproduce the issue: https://github.com/NamrataKSAP/PKCS12TestApp check the console log for error

As per your suggestion, I did compare the certificate data. I used an apple developer certificate taken from keychain access. I passed this certificate to my code and then created a new one using PKCS12_create API of OpenSSL(check project https://github.com/NamrataKSAP/PKCS12TestApp) I printed the certificate data/info in the console using code. The SecPKCS12Import works for the same certificate if using OpenSSL version 1. but fails with OpenSSL version 3. Attaching two files certificate info with OpenSSL 1. certificate info with OpenSSL 3 certificate info fetch in terminal with OpenSSL 3 certificateOpensslV1.txt certificateOpensslV3.txt certificateInfoFromTerminal.txt I find both similar. Code to print certificate info: PKCS12* newPKCS12 = PKCS12_create(newPassphrase, "SAP Identity", privateKey, x509, caChain, 0, 0, 0, 0, 0); X509* x509crt; STACK_OF(X509)* caChainw = NULL; EVP_PKEY* privateKeyr; int parse = PKCS12_parse(newPKCS12, newPassphrase, &privateKeyr, &x509crt, &caChainw); BIO* mem = BIO_new(BIO_s_mem()); BIO_printf(mem2, "\n"); NSData* data = [OpenSSLHelperProxy NSDataFromBIO:mem];\ let certificateStr = String(data: data, encoding: .utf8) print("certificate info\n\n", certificateStr)

Sharing the hex dump. I suppose this is what you want. Also, you can find the certificate and the password in git project itself. Password: 12345678 hexDump.txt

Thanks, @tejas22192 I will check this on my side

Big Thanks @tejas22192 your solution works for me