I've appended the PKCS#7 request generated by IIS to the end of this
email. IIS creates the header "BEGIN NEW CERTIFICATE REQUEST", which
is interpreted as an old X509 request (see pem.h).
Changing the header to "BEGIN PKCS7" makes things work. It's not obvious
what the solution should be since
nagendra [EMAIL PROTECTED] writes:
I've appended the PKCS#7 request generated by IIS to the end of this email.
IIS creates the header "BEGIN NEW CERTIFICATE REQUEST", which is interpreted
as an old X509 request (see pem.h).
Ohgodohgod what a mess! That's PKCS #7 signed data containing a data
Hi,
We're generating a CSR on IIS (win2k). When a certificate is already
installed on IIS, it generates a PKCS#7 certificate renewal request rather
than a PKCS#10 CSR. Furthermore the PEM header in the request is an
invalid PKCS#7 header. As a result none of the openssl utilities can parse
the
nagendra wrote:
Hi,
We're generating a CSR on IIS (win2k). When a certificate is already
installed on IIS, it generates a PKCS#7 certificate renewal request rather
than a PKCS#10 CSR. Furthermore the PEM header in the request is an
invalid PKCS#7 header. As a result none of the openssl