On Mon, Nov 19, 2012 at 10:53 AM, Deeztek.com Support <supp...@deeztek.com> wrote: > I fixed the command and it created the end user .pfx file. It imported > successfully into windows but I get this message when I looked at the > certification chain for the intermediate ca: > > This certification authority is not allowed to issue certificates or cannot > be used as an end-entity certificate. > > Any idea why I would get this? or would it affect anything? http://lmgtfy.com/?q=This+certification+authority+is+not+allowed+to+issue+certificates+or+cannot+be+used+as+an+end-entity+certificate.
> On 11/19/2012 10:47 AM, Dr. Stephen Henson wrote: >> >> On Mon, Nov 19, 2012, Deeztek.com Support wrote: >> >>> Nevermind the last message, you said *concatenate* the CA >>> certificate together. So, this is what i did: >>> >>> Root cert: >>> cat ca.crt > cachain.pem >>> >>> Int-ca cert: >>> >>> cat int-ca.crt >> cachain.pem >>> >>> Ran the following but it didn't work: >>> >>> openssl pkcs12 -export -out someone.pfx -inkey someone.key -in >>> someone.crt -certfile cachain.pem -passout:somepassword >>> >> If you used that exact command the -possout syntax is incorrect. It should >> be -passout pass:somepassword ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
