Ok, I got a few pieces meal answers (and no answers) here so I wanted to recap to make sure I have it all straight.
Certificates - Even though you may wish to send the cert DER encoded over the network, it is advisable to create and work with it while PEM encoded, correct? Now all the examples I got from people have it converting it from a PKCS7 structure. That confuses me a little as PKCS7 is basically the mail/Smime standard right? I know it can hold a cert but is that the thing to do? Just covert it using something like the following (seems like I would have a lot of other PKCS7 junk, not just the cert)?:
I guess you are confusing things a little bit. Let's start from the formats (let's be brief):
DER - Binary form PEM - ASCII form of DER (Usually a B64 with Armours)
PKCS#7 - Format used to transport a lot of things, usually for
signatures and needed pieces for its verification.Usually there is no preferred format because once loaded you actually use its internal rappresentation of the certificate ... my suggestion: if you have DER just use it and forget the PKCS7 - you don't need it to simply manage a certificate.
--
C'you,
Massimiliano Pala
--o-------------------------------------------------------------------------
Dr. Massimiliano Pala [OpenCA Project Manager] [EMAIL PROTECTED]
Tel.: +39 (0)59 270 094
http://www.openca.org Fax: +39 178 221 8225
http://openca.sourceforge.net Mobile: +39 (0)347 7222 365
smime.p7s
Description: S/MIME Cryptographic Signature
