KB Article #67407

Error importing certificates with PKIUTIL.

Problem

-- Importing certificates with PKIUTIL fails, even for the SOPRA sample certificates.



$ PKIUTIL @cft-pki.conf
PKIU20I
PKIU20I PKI
PKIU20I Version 2.6.4 20090203
PKIU20I (C) Copyright AXWAY 1989-2007
PKIU20I ====> Starting Session on 05/11/2010 Time is 10:01:18
PKIU20I
PKIU26E PKIFILE  _ Error ( PKI Unknown error {-1/0} () )
PKIU26E PKICER   _ Error ( PKI Record writing error {15008/0} () )
OPNSSL.text_error(PKI2CRY:882)=error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded
OPNSSL.text_error(PKI2CRY:938)=error:04088003:rsa routines:RSA_setup_blinding:BN lib
PKIU26E PKICER   _ Error ( Private and Public key incompatible {15034/0} (DECRYPTION FAILED : RSA_public_encrypt() RSA_PKCS1_PADDING) )
OPNSSL.text_error(PKI2CRY:882)=error:04066044:rsa routines:RSA_EAY_PRIVATE_ENCRYPT:internal error
OPNSSL.text_error(PKI2CRY:938)=error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded
PKIU26E PKICER   _ Error ( Private and Public key incompatible {15034/0} (DECRYPTION FAILED : RSA_public_encrypt() RSA_PKCS1_PADDING) )
PKIU00I RETURN   _ Correct (CODE=8)
PKIU20I Number of Command(s) 4


Resolution

This could be a problem with the random seed, which is required by the cryptographic algorithms used by CFT (note the "PRNG not seeded" errors in the output above).



To confirm that this is the actual issue:
1 - Go to the CFT folder and run the profile script.
2 - Run the command "CFTUTIL uconfset id=cft.seed.enable_internal, value=Yes", which activates CFT's internal random source.
3 - Import the certificates.



If the import now works, the system's random source is not set up correctly.
To use the system random source instead, ensure that the device "/dev/urandom" exists, and then set the option "cft.seed.enable_internal" to NO.
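
The following is an added example, not part of the original article and not Axway code: a read-only triage script that looks for the "PRNG not seeded" error in PKIUTIL output and checks that /dev/urandom is a usable character device before cft.seed.enable_internal is set back to NO. The function names and result strings are hypothetical, and the sample log is built from lines of the session shown above.

```shell
#!/bin/sh
# Added example (not Axway code): triage PKIUTIL output for the seeding failure.
# Function names and result strings are hypothetical.

# Constructed sample: four lines excerpted from the session shown in this article.
sample_log() {
cat <<'EOF'
PKIU26E PKICER   _ Error ( PKI Record writing error {15008/0} () )
OPNSSL.text_error(PKI2CRY:882)=error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded
PKIU26E PKICER   _ Error ( Private and Public key incompatible {15034/0} (DECRYPTION FAILED : RSA_public_encrypt() RSA_PKCS1_PADDING) )
PKIU00I RETURN   _ Correct (CODE=8)
EOF
}

# Succeeds only if $1 (default /dev/urandom) is a readable character device
# that really returns 32 bytes; a plain file or an empty device fails.
urandom_usable() {
    dev="${1:-/dev/urandom}"
    [ -c "$dev" ] && [ -r "$dev" ] || return 1
    n=$(dd if="$dev" bs=32 count=1 2>/dev/null | wc -c | tr -d ' ')
    [ "$n" -eq 32 ]
}

# Reads PKIUTIL output on stdin and prints one diagnosis.
# Assumption: a 15034 error with no "PRNG not seeded" line is taken at face value.
diagnose_pkiutil_log() {
    dev="${1:-/dev/urandom}"
    log=$(cat)
    if printf '%s\n' "$log" | grep -qF 'PRNG not seeded'; then
        # Per the article, the key-incompatible errors then point to the seed issue.
        if urandom_usable "$dev"; then
            echo "prng-unseeded:device-usable"
        else
            echo "prng-unseeded:device-unusable"
        fi
    elif printf '%s\n' "$log" | grep -qF '{15034/0}'; then
        echo "key-mismatch"
    else
        echo "no-seed-error"
    fi
}

# Demo on the constructed sample against this host's /dev/urandom.
sample_log | diagnose_pkiutil_log
```

To check a real session, pipe the PKIUTIL output into diagnose_pkiutil_log instead of sample_log.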