https://bugs.winehq.org/show_bug.cgi?id=52330
--- Comment #13 from Hans Leidekker hans@meelstraat.net --- (In reply to Zebediah Figura from comment #12)
Given that (and assuming that PFXImportCertStore() is supposed to handle this), I guess the question is whether gnutls_pkcs12_simple_parse() is supposed to handle this—the documentation is not exactly clear—and if not I guess we need to parse things more manually.
Hans, would you mind checking this diagnosis to make sure it sounds sane?
GnuTLS source confirms that it expects to find a private key in the PKCS12 blob. Maybe they would accept a patch to make the key optional. If not it may be possible to decode the blob using the lower level PKCS12 Bag functions. Otherwise we'll have to do it all by hand I guess.