Dear OpenSLL users,
first of all, let me point out that I'm a total newbie in the
area of encryption. So maybe, my question could sound stupid ...
I'm using OpenSSL V. 0.9.8a in order to experiment with pfx-files
and binary certificate files on Win32.
I did:
1) Create a personal information interchange file:
openssl.exe pkcs12 -export -in pca-cert.pem -out test1.pfx -name "Test
Certificate of RMz" -passout pass:12345678
The resulting pfx file could be read by the Win32 mmc, so it
seems to be correct.
2) Create a binary encoded DER file as a public certificate:
openssl.exe pkcs7 -inform PEM -outform DER -in pca-cert.pem -out
test1.cer -text
This call results in the following error messages:
$ openssl.exe pkcs7 -inform PEM -outform DER -in pca-cert.pem -out test1.cer -t
ext
unable to load PKCS7 object
1752:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:
1282:
1752:error:0D06C03A:asn1 encoding routines:ASN1_D2I_EX_PRIMITIVE:nested asn1 err
or:tasn_dec.c:824:
1752:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 e
rror:tasn_dec.c:743:Field=type, Type=PKCS7
1752:error:0906700D:PEM routines:PEM_ASN1_read_bio:ASN1 lib:pem_oth.c:83:
If I call "openssl asn1parse -inform PEM -in pca-cert.pem" in order to
check the input file (I have found that recommendation in some other
thread), the output looks reasonable and no error message is produced.
Did I do something wrong here? And, finally, is there a way of
creating test certificates (pair of asymmetric keys with configurable
length plus descriptive data like user name, CA name, expiration date)
using the opensll tool?
Thanks in advance for your comments and best regards,
-Rainer
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
