Can I convert Apache Mod SSL cert to PEM format?

Thu, 28 Feb 2002 10:55:54 -0800 


Hello,

I am running imap2001a and using openssl 0.96b on  Sun Solaris 2.8. I have
generated a self signed cert using the method described in the openssl 
SSLBUILD
document

The following command to openssl can be used to create a self-signed
certificate with a 10-year expiration:
       req -new -x509 -nodes -out imapd.pem -keyout imapd.pem -days 3650

This works, or at least a user can connect with netscape to the imaps
port and get their mail.

I have recently purchased a cert from thawte for our apache server.
i.e. it is an apache mod ssl certificate named domainname.crt. Our
imap server is on the same sun as the apache server. The people say
I can use this cert that I purchased with imap (when I asked them.)
They tell me to convert it like this....

=====================================================


If you need a certificate with the private key contained in it (this
isn't a PEM format...) you can bundle the cert and key into a .p12
file using the following openssl command:

openssl pkcs12 -export -out cert.p12 -inkey yourkey.key
-in yourcert.crt 
=======================================================

I can do this, but this creates what looks to me like a binary output file.
The open ssl documentation says the private key must not be encrypted.
I have tried to read the documenation and figure out the right way to do
all this. I have also searched the archives, and ... and well ... I am 
just not
figuring this out.

Can I even do what I am trying to do? (am I attempting the impossible? )
Can anyone tell me how to convert my thawte certificate for apache mod
ssl to a PEM format imapd.pem certificate containing a private key
that is not encrypted? (my private key is encrypted.)


-- 
 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
[_X_X_X_X_X_X_X_X_X_X_X_X_X_X_X_X_X_X_X_X_X_X_X_X_X_X_X_] 

Craig Lewis     505 277 6068      [EMAIL PROTECTED]
UNIVERSITY OF NEW MEXICO MATHEMATICS AND STATISTICS
COMPUTER SYSTEMS SUPPORT
Humanities Building Office 415
Albuquerque, NM 87131
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to