On Tue, Nov 20, 2012 at 11:56 AM, jw72...@verizon.net wrote:
it would be swell if I could get my email address removed from the list
without removing my subscription too. This way I could just use my
newsreader to get the messages without having my email box cluttered every
day with this
Subject: Newsreader (was: Question about exporting user certificate
files to .pfx)
On Tue, Nov 20, 2012 at 11:56 AM, jw72...@verizon.net wrote:
it would be swell if I could get my email address removed from the
list without removing my subscription too. This way I could just use
my
I have created a CA and an intermediate CA. I use the intermediate CA to
create self-signed s/mime certificates for end users which works fine. I
need to be able to create .pfx files form those end user certificates
and include the CA chain into the pfx file. Currently the command I use
to
On Mon, Nov 19, 2012, Deeztek.com Support wrote:
I have created a CA and an intermediate CA. I use the intermediate
CA to create self-signed s/mime certificates for end users which
works fine. I need to be able to create .pfx files form those end
user certificates and include the CA chain
On Mon, Nov 19, 2012, Deeztek.com Support wrote:
Sorry, I'm not sure what you mean by concentrate the CA certificate
together.
Join the root and intermediate CAs together in one file e.g. like this
under Linux:
cat intermediateca.pem root.pem cacerts.pem
Then pass -certfile cacerts.pem to
Nevermind the last message, you said *concatenate* the CA certificate
together. So, this is what i did:
Root cert:
cat ca.crt cachain.pem
Int-ca cert:
cat int-ca.crt cachain.pem
Ran the following but it didn't work:
openssl pkcs12 -export -out someone.pfx -inkey someone.key -in
On Mon, Nov 19, 2012, Deeztek.com Support wrote:
Nevermind the last message, you said *concatenate* the CA
certificate together. So, this is what i did:
Root cert:
cat ca.crt cachain.pem
Int-ca cert:
cat int-ca.crt cachain.pem
Ran the following but it didn't work:
openssl
I meant, I run the command, I get no error, no pfx file is created and I
simply get the openssl help command:
Usage: pkcs12 [options]
where options are
-export output PKCS12 file
-chainadd certificate chain
-inkey file private key if not infile
What do you mean didn't work?
On Mon, Nov 19, 2012, Deeztek.com Support wrote:
Nevermind the last message, you said *concatenate* the CA
certificate together. So, this is what i did:
Root cert:
cat ca.crt cachain.pem
Int-ca cert:
cat int-ca.crt cachain.pem
Ran the following but it didn't work:
openssl
I fixed the command and it created the end user .pfx file. It imported
successfully into windows but I get this message when I looked at the
certification chain for the intermediate ca:
This certification authority is not allowed to issue certificates or
cannot be used as an end-entity
On Mon, Nov 19, 2012 at 10:53 AM, Deeztek.com Support
supp...@deeztek.com wrote:
I fixed the command and it created the end user .pfx file. It imported
successfully into windows but I get this message when I looked at the
certification chain for the intermediate ca:
This certification
Can you post here the certificate chain? Not the private key, only the
certificates, from the root down to the end-entity.
--
Erwann ABALEA
-
Ca se fait pas du tout d'avoir donné toutes les adresses email des
votants C bon pour les spammers ça !
[suit la liste intégrale des votants mal
I'm assuming this is what you want. This is the contents of my chain file:
-BEGIN CERTIFICATE-
MIIFlDCCA3ygAwIBAgIJAJsm0MjspJZLMA0GCSqGSIb3DQEBBQUAMDoxGDAWBgNV
BAMTD2NhMy5kZWV6dGVrLmNvbTEeMBwGCSqGSIb3DQEJARYPY2EzQGRlZXp0ZWsu
Thanks.
The first certificate is your root CA, the second one is a version 1
certificate that can't be used as a CA (it would be insecure to allow it).
If your end-user certificate is issued by this second certificate, then
the error message is normal.
--
Erwann ABALEA
-
anatomie:
Maybe I got something wrong creating the intermediate CA which is
supposed to be the 2nd certificate. This is what I did to create the
intermediate CA. Maybe I missed something?
Generated Intermediate CA key:
openssl genrsa -out ia.key 4096
Generated Intermediate CA Certificate Request:
Answers inline.
--
Erwann ABALEA
-
Un forum peut répondre à plusieurs besoins à la fois
Ici, le groupe des débutants dépasse en nombre le groupe des utilisateur
middle-class ce qui provoque inévitablement des tensions.
-+- EF - Guide du Neuneu d'Usenet - La lutte des middle classes -+-
Le
On Mon, Nov 19, 2012, Erwann Abalea wrote:
You should get better CA scripts, or build your own set after
reading your openssl.cnf file and other associated documentation.
man req
man x509
man ca
man x509v3_config
When I need a junk CA, I personaly use openssl req to create the
root,
17 matches
Mail list logo
