Dr. Stephen Henson wrote:
PKCS#12 isn't an appropriate format to just import a certificate. You need
to use PEM or DER form and an appropriate extension such as .crt.
I figured this out too late. PEM isn't accepted by Windows, but DER
(luckily!) is, so now I'm just using DER.
IPsec FAQ that guided me then, suggested that PKCS12 is the format for
transferring certs to _Windows_... Now I know better.
If this certificate is to be used in an SSL server you shouldn't import it
anyway, just the root CA certificate is sufficient.
True. As IPsec peers can exchange their certs automatically.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
