Yes that is ok.
It's even easier with: openssl x509 -in cacert.pem -inform PEM -out cakey.cer -outform DER no need to rename... Cheers, Tomas Andrew Greig skrev:
I am using openssl to generate pk12 user certs to be used for signing Adobe Acrobat PDF documents. In order to get Acrobat to validate the signature I had to add our CA cert to the trust in my installation of the Acrobat program. When doing so, the Acrobat program expects a .cer file. I used the following command to convert our CA PEM file to a CER (actually DER) file: openssl x509 -in cacert.pem -inform PEM -out cakey.der -outform DER I then renamed the cakey.der to cakey.cer and added it to Acrobats trust just fine. However, I want to make sure that it is OK to freely distribute the cakey.cer file to all of the users that need to ad our CA to their Acrobat trust chain ?? Thanks, Andrew Greig Systems Analyst/Developer Kalamazoo Valley Community College ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
