> On Jun 15, 2018, at 7:25 PM, Harold Huggins wrote:
>
> We are having issues exporting the certificate with the .pfx
Works here.
$ openssl req -new -x509 -newkey rsa:1024 -nodes -keyout key.pem -out cert.pem
-days 30 -subj "/CN=$(uname -n)"
Generating a 1024
Hi, Everyone,
We are having issues exporting the certificate with the .pfx
Error printout log file as follows:
OpenSSL> pkcs12 -export -out "cfored.pfx" -inkey
"cfored_encrypted_private.key"
-in "mergeredcertificate.crt"
Usage: pkcs12 [options]
where optio
Hi, Everyone,
We are having issues exporting the certificate with the .pfx
Error printout log file as follows:
OpenSSL> pkcs12 -export -out "cfored.pfx" -inkey
"cfored_encrypted_private.key"
-in "mergeredcertificate.crt"
Usage: pkcs12 [options]
where optio
sl.org
> Cc: st...@openssl.org
> Subject: Newsreader (was: Question about exporting user certificate
> files to .pfx)
>
> On Tue, Nov 20, 2012 at 11:56 AM, wrote:
> > it would be swell if I could get my email address removed from the
> > list without removing my subscrip
On Tue, Nov 20, 2012 at 11:56 AM, wrote:
> it would be swell if I could get my email address removed from the list
> without removing my subscription too. This way I could just use my
> newsreader to get the messages without having my email box cluttered every
> day with this high-volume list.
On Mon, Nov 19, 2012, Erwann Abalea wrote:
> You should get better CA scripts, or build your own set after
> reading your openssl.cnf file and other associated documentation.
>
> man req
> man x509
> man ca
> man x509v3_config
>
> When I need a junk CA, I personaly use "openssl req" to create th
Answers inline.
--
Erwann ABALEA
-
Un forum peut répondre à plusieurs besoins à la fois
Ici, le groupe des débutants dépasse en nombre le groupe des utilisateur
"middle-class" ce qui provoque inévitablement des tensions.
-+- EF - Guide du Neuneu d'Usenet - La lutte des middle classes -+-
Le
Maybe I got something wrong creating the intermediate CA which is
supposed to be the 2nd certificate. This is what I did to create the
intermediate CA. Maybe I missed something?
Generated Intermediate CA key:
openssl genrsa -out ia.key 4096
Generated Intermediate CA Certificate Request:
open
Thanks.
The first certificate is your root CA, the second one is a version 1
certificate that can't be used as a CA (it would be insecure to allow it).
If your end-user certificate is issued by this second certificate, then
the error message is normal.
--
Erwann ABALEA
-
anatomie: ablatio
I'm assuming this is what you want. This is the contents of my chain file:
-BEGIN CERTIFICATE-
MIIFlDCCA3ygAwIBAgIJAJsm0MjspJZLMA0GCSqGSIb3DQEBBQUAMDoxGDAWBgNV
BAMTD2NhMy5kZWV6dGVrLmNvbTEeMBwGCSqGSIb3DQEJARYPY2EzQGRlZXp0ZWsu
Y29tMB4XDTEyMTExNzIzMDA1MVoXDTE3MTExNzIzMDA1MVowOjEYMBYGA1UEAxMP
Can you post here the certificate chain? Not the private key, only the
certificates, from the root down to the end-entity.
--
Erwann ABALEA
-
Ca se fait pas du tout d'avoir donné toutes les adresses email des
votants C bon pour les spammers ça !
[suit la liste intégrale des votants mal quoté
On Mon, Nov 19, 2012 at 10:53 AM, Deeztek.com Support
wrote:
> I fixed the command and it created the end user .pfx file. It imported
> successfully into windows but I get this message when I looked at the
> certification chain for the intermediate ca:
>
> This certification authority is not allow
I fixed the command and it created the end user .pfx file. It imported
successfully into windows but I get this message when I looked at the
certification chain for the intermediate ca:
This certification authority is not allowed to issue certificates or
cannot be used as an end-entity certifi
On Mon, Nov 19, 2012, Deeztek.com Support wrote:
> Nevermind the last message, you said *concatenate* the CA
> certificate together. So, this is what i did:
>
> Root cert:
> cat ca.crt > cachain.pem
>
> Int-ca cert:
>
> cat int-ca.crt >> cachain.pem
>
> Ran the following but it didn't work:
>
I meant, I run the command, I get no error, no pfx file is created and I
simply get the openssl help command:
Usage: pkcs12 [options]
where options are
-export output PKCS12 file
-chainadd certificate chain
-inkey file private key if not infile
What do you mean "didn't work"?
On Mon, Nov 19, 2012, Deeztek.com Support wrote:
> Nevermind the last message, you said *concatenate* the CA
> certificate together. So, this is what i did:
>
> Root cert:
> cat ca.crt > cachain.pem
>
> Int-ca cert:
>
> cat int-ca.crt >> cachain.pem
>
> Ran the following but it didn't work:
>
Nevermind the last message, you said *concatenate* the CA certificate
together. So, this is what i did:
Root cert:
cat ca.crt > cachain.pem
Int-ca cert:
cat int-ca.crt >> cachain.pem
Ran the following but it didn't work:
openssl pkcs12 -export -out someone.pfx -inkey someone.key -in
someone
On Mon, Nov 19, 2012, Deeztek.com Support wrote:
> Sorry, I'm not sure what you mean by concentrate the CA certificate
> together.
>
Join the root and intermediate CAs together in one file e.g. like this
under Linux:
cat intermediateca.pem root.pem >cacerts.pem
Then pass "-certfile cacerts.pem
Sorry, I'm not sure what you mean by concentrate the CA certificate
together.
On 11/19/2012 10:02 AM, Dr. Stephen Henson wrote:
On Mon, Nov 19, 2012, Deeztek.com Support wrote:
I have created a CA and an intermediate CA. I use the intermediate
CA to create self-signed s/mime certificates for
On Mon, Nov 19, 2012, Deeztek.com Support wrote:
>
> I have created a CA and an intermediate CA. I use the intermediate
> CA to create self-signed s/mime certificates for end users which
> works fine. I need to be able to create .pfx files form those end
> user certificates and include the CA cha
I have created a CA and an intermediate CA. I use the intermediate CA to
create self-signed s/mime certificates for end users which works fine. I
need to be able to create .pfx files form those end user certificates
and include the CA chain into the pfx file. Currently the command I use
to ex
> -Original Message-
> From: Lutz Jaenicke
>
> Forwarded to openssl-users for discussion.
>
> Best regards,
> Lutz
> - Forwarded message from Alexander Mills -
>
> From: Alexander Mills
>
> Recently I was tasked with using a .crt and .key used in Apache for
> use with Apache
.@openssl.org
> Subject: Intermediate certificate chain not included when exporting as pkcs12
> Date: Thu, 17 Feb 2011 09:15:37 +
>
> Recently I was tasked with using a .crt and .key used in Apache for
> use with Apache Tomcat. I searched around and the solution was to us
Forwarded to openssl-users for discussion.
Best regards,
Lutz
- Forwarded message from Alexander Mills -
From: Alexander Mills
To: r...@openssl.org
Subject: Intermediate certificate chain not included when exporting as pkcs12
Date: Thu, 17 Feb 2011 09:15:37 +
Recently I
> From: owner-openssl-us...@openssl.org On Behalf Of Shashidhar Reddy
> Sent: Friday, 16 July, 2010 15:30
> The below command is giving erros and not sure how to fix this. Any
help is much appreciated.
> openssl pkcs12 -info -in renewal.pkcs12
Your file apparently isn't
Hi,
The below command is giving erros and not sure how to fix this. Any help
is much appreciated.
openssl pkcs12 -info -in renewal.pkcs12
17650:error:0D06B089:asn1 encoding routines:ASN1_get_object:too
long:asn1_lib.c:132:
17650:error:0D07E065:asn1 encoding routines:d2i_ASN1_bytes:bad
That's what I was missing thank you very much!
Bart W
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kyle Hamilton
Sent: Friday, August 29, 2008 6:04 PM
To: openssl-users@openssl.org
Subject: Re: Exporting private key
...which I just realized I f
nes:ASN1_CHECK_TLEN:wrong
>> tag:tasn_dec.c:947:
>> 14973:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1
>> error:tasn_dec.c:304:Type=PKCS12
>>
>> What am I doing wrong?
>> Thanks
>>
>> -Original Message-
>> From: [EMA
; From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kyle Hamilton
> Sent: Friday, August 29, 2008 4:28 AM
> To: openssl-users@openssl.org
> Subject: Re: Exporting private key
>
> In your httpd.conf, you have a SSLCertificateKeyFile option set. This
> refers to y
hat am I doing wrong?
Thanks
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kyle Hamilton
Sent: Friday, August 29, 2008 4:28 AM
To: openssl-users@openssl.org
Subject: Re: Exporting private key
In your httpd.conf, you have a SSLCertificateKeyFile option set.
than
> one server concurrently. To do this we need to export the private
> key from the server that generated the CSR.
> Can someone tell me what the commands are for exporting the private
> key off of the linux machine?
> Thanks
> Bart Wahlgren
Apache stores the key and certificate in
to support a different application. Go Daddy has told me that we
> can use the certificate on more than one server concurrently. To do this we
> need to export the private key from the server that generated the CSR.
>
>
>
> Can someone tell me what the commands are for exporti
To do this we
need to export the private key from the server that generated the CSR.
Can someone tell me what the commands are for exporting the private key off
of the linux machine?
Thanks
Bart Wahlgren
Xiaoyu Ruan wrote:
Greetings All,
I have two questions on OpenSSL:
1. How to have the DLLs or SO’s export functions that are not
exported by default, such as ECDSA etc?
don't know a function ECDSA ;-) Seriously, there (normally) is a reason
why certain functions are not part
Greetings All,
I have two questions on OpenSSL:
1. How to have the DLLs or SO's export functions that are not
exported by default, such as ECDSA etc? What code changes need to be
made?
2. What are the differences between 0.9.8 and 0.9.7?
Thanks.
-Xiaoyu
] [mailto:[EMAIL PROTECTED]
Em nome de Leandro Gustavo Biss Becker
Enviada em: quarta-feira, 12 de julho de 2006 08:42
Para: openssl-users@openssl.org
Assunto: Exporting PEM certificates to import in MS Internet Explorer
Hi
I´d like know how export certificates in pem file format to be able to
import
On Wed, Jul 12, 2006, Leandro Gustavo Biss Becker wrote:
> I think that we have a misunderstanding here hehehe
>
> I´d like to convert the openssl .pem file to another file format to import
> into IE.
> The IE cannot import the .pem file (it does not understand the .pem file
> format),
> it must
openssl pkcs12 - see the help.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Leandro Gustavo
Biss Becker
Sent: Wednesday, July 12, 2006 5:23 PM
To: openssl-users@openssl.org
Subject: RES: Exporting PEM certificates to import in MS Internet
Explorer
But
julho de 2006 09:05
Para: openssl-users@openssl.org
Assunto: AW: RES: Exporting PEM certificates to import in MS Internet
Explorer
ok.
this is how i do it:
Menu: Tools / Internet Options
Dialog Internet Options: Content Tab
Content Tab: Certificates Button
Certificates Dialog: Export Button
ailto:[EMAIL PROTECTED]
>Em nome de [EMAIL PROTECTED]
>Enviada em: quarta-feira, 12 de julho de 2006 08:52
>Para: openssl-users@openssl.org
>Assunto: AW: Exporting PEM certificates to import in MS Internet Explorer
>
>Hi,
>
>you have to export your private key into a .pfx f
de 2006 08:52
Para: openssl-users@openssl.org
Assunto: AW: Exporting PEM certificates to import in MS Internet Explorer
Hi,
you have to export your private key into a .pfx file.
this is the pkcs#12 format and should be pem comaptible.
--sk
>Hi
>
>I´d like know how export certificat
Hi,
you have to export your private key into a .pfx file.
this is the pkcs#12 format and should be pem comaptible.
--sk
>Hi
>
>I´d like know how export certificates in pem file format to be able to
>import in MS IE.
>I want samples using OpenSSL API and using openssl.exe utility.
>
>Thanks a lot
Hi
I´d like know how export certificates in pem file format to be able to
import in MS IE.
I want samples using OpenSSL API and using openssl.exe utility.
Thanks a lot
Leandro Gustavo Biss Becker
Engenheiro Eletrônico / Electronic Engineer
___
Hi
I m looking for OpenSSL APIs for exporting and importing Digital Certificates
can any one help me out for this.
If possible can you send me any related document or web sites to learn
more about it.
Thanks
Rafeeq
__
OpenSSL
On Fri, Sep 06, 2002 at 11:09:44AM -0500, Eduardo Muñoz wrote:
> I think you can extract the key from the certificate
> using the following instruction:
>
> openssl rsa < certificate.pem > certkey.pem
>
> I hopoe this works
> Eduardo
No, it wont work.
'openssl x509 -pubkey
> --- "Gary W." <
I think you can extract the key from the certificate
using the following instruction:
openssl rsa < certificate.pem > certkey.pem
I hopoe this works
Eduardo
--- "Gary W." <[EMAIL PROTECTED]> escribió: > I
got my certificate from Verisine,
> but cannot find the key I generated the csr with.
> A
I got my certificate from Verisine,
but cannot find the key I generated the csr with.
At least the Moduli of the files I can find do not
match what comes from the openssl x509 command.
Can I pull a key out of the certificate or csr?
Gary
--
TV is the enemy
-- John Bradley
http://WWW-DB
Beat Jucker wrote:
>
>
> I also have a problem to understand all the bits&pieces. Let me ask
> this question: I have a self signed CA root certificate. I also
> have generated a user key and the corresponding user certificate.
> Now I'd like to send the user key, user certifiacte and the CA root
> > I have generated a certificate to use as a CA root certificate. All I
> > want to do is export it as pkcs12 _without_ the private key so it can be
> > installed as a trusted certificate by the end user.
> >
> > I thought this would do it. Using OpenSSL 0.9.5a
> >
> > openssl pkcs12 -export
David Feilen wrote:
>
> I have generated a certificate to use as a CA root certificate. All I
> want to do is export it as pkcs12 _without_ the private key so it can be
> installed as a trusted certificate by the end user.
>
> I thought this would do it. Using OpenSSL 0.9.5a
>
> openssl pkcs12
David Feilen wrote:
>I have generated a certificate to use as a CA root certificate. All I
>want to do is export it as pkcs12 _without_ the private key so it can be
>installed as a trusted certificate by the end user.
>
I have the same problem preparing freeswan with PGPvpn in my case :
To mak
11:51 PM
Subject: problems exporting certificate to pkcs12
> I have generated a certificate to use as a CA root certificate. All I
> want to do is export it as pkcs12 _without_ the private key so it can be
> installed as a trusted certificate by the end user.
>
> I thou
c:311:address=3131288 offset=0
> 1692:error:0D08E08B:asn1 encoding routines:d2i_Netscape_RSA_2:unable to
> decode rsa private key:.\crypto\asn1\n_pkey.c:268:
> 1692:error:0D08D06F:asn1 encoding routines:d2i_Netscape_RSA:decoding
> error:.\crypto\asn1\n_pkey.c:4535002:address=8650824 offset=17
>
Try
Hi all,
I'm having trouble getting the private key out of an IIS .key cert.
I've followed the instructions to strip off the extra ASN1 SEQUENCE data at
the beginning of the key, but it doesn't seem to work:
On Win32:
E:\openssl-win32>openssl rsa -inform NET -in priv.key -out key.pem
read RSA
I'm curious if
OpenSSL can be exported to Australia? If it can, who do I have to contact
to get the requirements for exportation?
Erik
Philips
Software
Engineer
Pinpoint
Technologies
www.pinpointtech.com
Hi,
I have a client and a server which use openssl lib to communicate. I am
using my own certificates, DSA and server issues a certificates for its
clients. I need to ship ssleay32.dll and libeay32.dll these may need to go
outside US. I heard here and there that this is not legal? Is it? Where can
56 matches
Mail list logo
