[EMAIL PROTECTED] wrote:
>
> I'm configuring a few cisco routers to do IKE for our VPN's. Works great
> with pre-shared keys, but for scalability purposes I'd like to use
> certificates, which requires the use of a CA. But the ciscos store keys
> and certificates in a format I'm not familiar with and was wondering if
> anyone had any idea. Here's an example certificate grabbed from
>
[example]
The bit starting "3082" Looks like just the hex dump of something: maybe
just the certificate. Try converting to a binary file and running:
openssl x509 -inform DER -in cert.der
on it.
The figure at the start may be a fingerprint, try:
openssl x509 -inform DER -in cert.der -fingerprint -noout
and see if it agrees.
If both operations work then just reverse the process.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
