It's that time of year, I'm trying to renew my SSL certificate that is
used for the IISCosign ISAPI filter and https on my IIS server. I have
the iisreadme.txt open and follow the steps in the "Your certificate
expired and you need it re-signed" to get the -----BEGIN CERTIFICATE
REQUEST...END CERTIFICATE REQUEST----- block of text that I paste into
the wasup SSL Certificate Signing Request form. I get back my InstantSSL
signed certificate as a .cert file which is a block of text wrapped with
-----BEGIN PKCS7... END PKCS7-----
Now I try to use the new .cert file with the steps in the "Using OpenSSl
certificates for https", but the first command to generate a .p12 file
fails with a "No certificate matches private key"... I should have left
myself some notes for this renewal from last year, maybe I did, but my
searches have turned up nothing. Seems like the .cert needs to be
converted to the right format before I can generate the .p12 for mmc.
Not having much luck converting the .cert file (I think is PKCS7 from
the wrapper text) into PEM format, the command: openssl pkcs7 -inform
DER -in new.cert -outform PEM -out new.pem gives "unable to load PKCS7
object".
I'm sure it is something simple that I'm missing here, any help is much
appreciated.
Luke G. Palnau
Application Developer/Analyst and DBA
Web and Data Integration, Development Services,
Office of University Development, University of Michigan
ph: 734.936.8931 cell: 734.604.2271
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Cosign-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/cosign-discuss
