Can you post here the certificate chain? Not the private key, only the
certificates, from the root down to the end-entity.
--
Erwann ABALEA
-----
Ca se fait pas du tout d'avoir donné toutes les adresses email des
votants C bon pour les spammers ça !
[suit la liste intégrale des votants mal quotée]
-+- AN in Guide du Neuneu Usenet : bien suivre sa logique -+-
Le 19/11/2012 16:53, Deeztek.com Support a écrit :
I fixed the command and it created the end user .pfx file. It imported
successfully into windows but I get this message when I looked at the
certification chain for the intermediate ca:
This certification authority is not allowed to issue certificates or
cannot be used as an end-entity certificate.
Any idea why I would get this? or would it affect anything?
On 11/19/2012 10:47 AM, Dr. Stephen Henson wrote:
On Mon, Nov 19, 2012, Deeztek.com Support wrote:
Nevermind the last message, you said *concatenate* the CA
certificate together. So, this is what i did:
Root cert:
cat ca.crt > cachain.pem
Int-ca cert:
cat int-ca.crt >> cachain.pem
Ran the following but it didn't work:
openssl pkcs12 -export -out someone.pfx -inkey someone.key -in
someone.crt -certfile cachain.pem -passout:somepassword
If you used that exact command the -possout syntax is incorrect. It
should
be -passout pass:somepassword
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
