The cert.cer file is the result of taking a request file in PEM format (req.pem) and giving it's contents to Verisign for signing. According to Verisign, they send back in the same format. Question is, what did they send back, and did I send the right thing. This is getting a bit annoying trying to come up with a server cert and client key to hand out. It should be so simple.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Dr. Stephen Henson Sent: Tuesday, August 20, 2002 5:37 PM To: [EMAIL PROTECTED] Subject: Re: PKCS#12 and Verisign cert On Tue, Aug 20, 2002, David Iungerich wrote: > I have the following. > > key.pem - private key created with openssl. > req.pem - CSR created with openssl. > cert.cer - Signed cert returne from Verisign after sending them req.pem. > > I need to find out what openssl commands to use to package this all up in a > PKCS#12 file that my server requires. Anyone know the specific steps. > > I've tried the following, but I get the below error. > > openssl pkcs12 -export -in key.pem -certfile cert.cer -out server.p12 -name > "Prod Forte Certificate" > > I've also tried copying the certificate text in the e-mail that came back > from Verisign and placing that in a file with a .pem extension. Same > result. > > Error loading certificates from input > 20906:error:0906D06C:PEM routines:PEM_read_bio:no start > line:pem_lib.c:662:Expec > ting: CERTIFICATE > What is in the .cer file? It probably isn't a certificate in PEM format and may need converting. Steve. -- Dr. Stephen Henson [EMAIL PROTECTED] OpenSSL Project http://www.openssl.org/~steve/ ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
