> From: owner-openssl-us...@openssl.org [mailto:owner-openssl- > us...@openssl.org] On Behalf Of Tom Francis > > > openssl pkcs12 -export -out mypkcs12.pfx -inkey my.private.key -in > mycert.crt -certfile intermediate.crt -CAfile ca.crt > > (Correct?)
So ... I just tried this, and confirmed, that it doesn't work... The root CA cert is not included in the pfx. > > Alternatively, I could > > cat mycert.crt intermediate.crt ca.crt > mychain.crt > > openssl pkcs12 -export -out mypkcs12.pfx -inkey my.private.key -in > mychain.crt It seems the easiest thing to do is... cat intermediate.crt ca.crt > chain.crt openssl pkcs12 -export -out mypkcs12.pfx -inkey my.private.key -in mycert.crt -certfile chain.crt ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
