Hi all,

I have a cert, a CA cert, and N intermediate certificates, each in three 
separate files. I don't know the value of N during this process.

What I need to do is combine these certs into a P12 file, but crucially I need 
to give the cert and the CA cert very specific nicknames for further scripting 
to work. The "-name" option is working fine: it gives the nickname to the cert 
as expected. I am struggling, however, with the "-caname" option: instead of 
applying the nickname to the CA certificate, it applies the nickname to the 
first intermediate cert.

/usr/bin/openssl pkcs12 -export -in machine.cert -CAfile ca.pem \
    -certfile machine.chain -inkey machine.key -out machine.p12 \
    -name "Server-Cert" -passout env:PASS -chain -caname "CA-Cert"

As an alternative I tried piping the certs to openssl, but this time openssl 
seems to be ignoring the additional certs and throws an error:

cat machine.cert ca.pem machine.chain | /usr/bin/openssl pkcs12 -export \
    -inkey machine.key -out machine.p12 -name "Server-Cert" \
    -passout env:PASS -chain -caname "CA-Cert"
Error unable to get local issuer certificate getting chain.

Can this be done with openssl?

Regards,
Graham
--

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
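
A check for the symptom described in the message above, added here as an example and not part of the original post or of OpenSSL: it reads the text listing of a P12 and reports which certificate each nickname landed on. The function names and the sample listing are constructed; it assumes the listing layout of "Bag Attributes", "friendlyName:", "subject=" and "issuer=" lines.

```shell
#!/bin/sh
# Added example: audit where friendlyName (nickname) values landed in a P12.
# Real use (flags from openssl-pkcs12):
#   openssl pkcs12 -in machine.p12 -nokeys -info -passin env:PASS | nick_on_root "CA-Cert"

# Print one "nickname|role|subject" row per certificate bag read from stdin.
# role is "root" when subject equals issuer (self-issued), else "other".
nick_report() {
    awk '
        BEGIN                  { nick = "<none>" }
        /^Bag Attributes/      { nick = "<none>" }
        /^[ \t]+friendlyName:/ { sub(/^[ \t]+friendlyName:[ \t]*/, ""); nick = $0 }
        /^subject=/            { subj = substr($0, 9) }
        /^issuer=/             { role = (substr($0, 8) == subj) ? "root" : "other"
                                 print nick "|" role "|" subj
                                 nick = "<none>" }
    '
}

# Succeed only if nickname $1 sits on exactly one bag and that bag is self-issued.
nick_on_root() {
    nick_report | awk -F"|" -v want="$1" '
        $1 == want { n++; if ($2 == "root") ok++ }
        END        { exit !(n == 1 && ok == 1) }
    '
}

# Constructed listing reproducing the report above: "CA-Cert" is on the first
# intermediate and the CA itself has no nickname. Names are made up.
sample_listing() {
    cat <<'EOF'
Bag Attributes
    localKeyID: 01 02 03 04
    friendlyName: Server-Cert
subject=/CN=machine.example.test
issuer=/CN=Example Intermediate 1
Bag Attributes
    friendlyName: CA-Cert
subject=/CN=Example Intermediate 1
issuer=/CN=Example Root CA
Bag Attributes: <No Attributes>
subject=/CN=Example Root CA
issuer=/CN=Example Root CA
EOF
}

sample_listing | nick_report
sample_listing | nick_on_root "CA-Cert" || echo "CA-Cert is not on the self-issued CA certificate"
```

Running the check after every export lets the later scripting fail early when the nickname is on the wrong certificate, whatever order the openssl build in use writes the bags in.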
