On Friday 24 March 2006 15:43, [EMAIL PROTECTED] wrote: Hi,
> I > cannot seem to import the server certificate that it signed. I > continually get the following message: > > 5 - 2006-03-23 16:58:30 gpgsm[27069]: self-signed certificate has a > BAD signature: Bad signature > 5 - 2006-03-23 16:58:30 gpgsm[27069]: basic certificate checks > failed - not imported > > OpenSSL will verify the certificate: > > [EMAIL PROTECTED] ~ $ openssl verify -CAfile /etc/ssl/certs/My_CA.pem > ./server.crt server.crt: OK It is My_CA.pem that you canĀ“t import into the GnuPG system, right? What happens if you try the following: openssl pkcs12 -in My_CA.pem -export -out My_CA.p12 -nocerts -nodes This should result in My_CA.p12 and next gpgsm --call-protect-tool --p12-import --store My_CA.p12 Does this work? Does gpgsm --list-secret-keys list it now? _If_ this worked you can grab the public part from My_CA.pem with an editor, since it is a text file. I took this from a mini-howto that describes how to use GnuPG with X.509 certificates that some email providers offer. hth Malte _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
