nagendra wrote:
>
> Hi,
>
> We're generating a CSR on IIS (win2k). When a certificate is already
> installed on IIS, it generates a PKCS#7 certificate renewal request rather
> than a PKCS#10 CSR. Furthermore the PEM header in the request is an
> invalid PKCS#7 header. As a result none of the openssl utilities can parse
> the request.
>
> Does anyone know why IIS generates a PKCS#7 request rather than PKCS#10?
>
> At any rate, openssl should know how to parse PKCS#7 requests created by
> IIS. Can anyone shed some light on the problem? Thanks,
>
What's in the PKCS#7 header? If you just get a complaint of no start
line then you can try editing the header and footer and see if OpenSSL
will tolerate it then.
If you get an ASN1 error of some sort then please send me the file and
I'll see if I can see what the problem is.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
