Pierre De Boeck wrote:
>
> Does anyone have information about the format
> used by IIS/key manager to import an RSA key pair and
> its corresponding CA chain?
>
> I naively believed that MS will standards like PKCS#1
> and PKCS7 but this is not the case. I also try a PKCS12
> file but with no more success.
>
That reminds me. I really must install IIS some time. Anyway I believe
it has two options, a single file or two files.
The two file version I *think* needs a private key in NET format and the
certificate in DER. You may have problems with keys larger than 512 bits
if you use the international version.
You can try:
openssl rsa -in key.pem -out key.net -outform NET
openssl x509 -in cert.pem -out cert.der -outform DER
Please let me know if that works.
NET format BTW is a horribly insecure evil unsalted RC4 format which
should never have seen the light of day. Make sure you don't leave any
private keys around in this format.
The one file version contains a NET format private key and lots of other
weird stuff. None of which is documented.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
