On Thu, Feb 14, 2008 at 2:21 AM, Sake Blok <> wrote: > On Wed, Feb 13, 2008 at 10:25:49PM -0600, DePriest, Jason R. wrote: > > > > The file looks like this > > -----BEGIN CERTIFICATE----- > > MIIC0TCCAjqgAwIBAgIEFZ0B6DANBgkqhkiG9w0BAQQFADCBrDELMAkGA1UEBhMC > > (14 lines of stuff) > > Kd49ym4= > > -----END CERTIFICATE----- > > > > If I save that to a file with a .cer extension, Windows opens it with > > the correct information. > > Well, "correct" might not be the proper description here. Since > Wireshark is looking for a private key and windows is showing > you the public certificate. The "BEGIN CERTIFICATE" is giving that > away too :-) > > > > The Blue Coat says its certs are in PKCS#7 format which from > > http://en.wikipedia.org/wiki/PKCS looks pretty standard. > > > > Any suggestions on how to convert it properly? > > Well, since this file contains the certificate and not the > private key that linked to it, it can't be converted. You will > need to find the private key on the box. Which of course might > be difficult since it is something that the box would want to > keep secret. Anyone that has this key, can combine it with the > publicly available certificate and impersonate the whole > box. And every client is told to trust the (impersonated) box.
That's what I was afraid of. The keys were installed by someone else before I started managing these boxes. I'll ask him where he stores it next week. > > > > Cheers, > Sake _______________________________________________ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
