On 11/19/2012 10:02 AM, Dr. Stephen Henson wrote:
On Mon, Nov 19, 2012, Deeztek.com Support wrote:I have created a CA and an intermediate CA. I use the intermediate CA to create self-signed s/mime certificates for end users which works fine. I need to be able to create .pfx files form those end user certificates and include the CA chain into the pfx file. Currently the command I use to export the user certificates to .pfx is as follows: openssl pkcs12 -export -out someone.pfx -inkey someone.key -in someone.crt -passout:somepassword This works fine but when i import the .pfx file into my windows sytem, the certificate chain is not there and I have no way of trusting the certificate. How would I go about including the certificate chain into the pfx file?Concatenate the CA certificate together and use the -certfile option. See: http://www.openssl.org/docs/apps/pkcs12.html#FILE_CREATION_OPTIONS Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
-- Deeztek.com Support http://www.deeztek.com
smime.p7s
Description: S/MIME Cryptographic Signature
