--- Richard Levitte - VMS Whacker <[EMAIL PROTECTED]> wrote: > In message > <[EMAIL PROTECTED]> > on Mon, 29 Apr 2002 12:22:32 -0700 (PDT), Tim Jones > <[EMAIL PROTECTED]> said: > > t0psecret> I'm trying to create password-protected > client certs > t0psecret> with OpenSSL and ssl.ca-0.1.tar.gz. Is > this what > t0psecret> "export password" refers to (when > creating the key), > t0psecret> or is there another way? I'm not sure > whether the > t0psecret> export password is a permanent password > for the cert > t0psecret> or just a one-time password used to > import the .p12 > t0psecret> file. > t0psecret> > t0psecret> If it's the former, it seems as though > Window strips > t0psecret> this password when I import the cert, > because I'm only > t0psecret> asked for it the one time when importing. > Is there any > t0psecret> way around this? > > You're mixing up certificate and private key. The > password will > protect the private key. The certificate is (or > should be) filled > with public information only, and therefore doesn't > require any > password protection.
Thanks for the help... I'm pretty new at this stuff. So, the private key is protected with the export password, but this is a one-time password that is only used when importing? From my standpoint it would really be nice to have a permanent password on the private key... Is this something that is common with SSL? If not, I'm wondering how Windows would react to such a thing. __________________________________________________ Do You Yahoo!? Yahoo! Health - your guide to health and wellness http://health.yahoo.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]