Amodhini U wrote: > > Hi, > > > Could you please help me? Specifically, how can I > import a PKCS#8 private-key into the local IE > Browser's security database? > (After that, importing the associated local > certificate in .der or .cer format should be plain > sailing.) >
You can't. AFAIK IE doesn't support PKCS#8. > (I don't want to combine the local private-key and > local certificate into a PKCS#12 object. That would > compromise security.) > What makes you think that? PKCS#12 is the only standard way to import an externally generated key and certificate into IE. In any case PKCS#12 uses PKCS#8 internally for private key storage and encryption. It could be argued that the need to generate and transfer a private key externally is already reducing the security of this system. A better way to do thing is to generate the private key and certificate request on the client using Xenroll and then just install the certificate. Steve. -- Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/ Personal Email: [EMAIL PROTECTED] Senior crypto engineer, Gemplus: http://www.gemplus.com/ Core developer of the OpenSSL project: http://www.openssl.org/ Business Email: [EMAIL PROTECTED] PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
