Sascha Ziemann <[EMAIL PROTECTED]> writes: > Hi, > > it is useful to include the certificate of the CAs into a PKCS12 file, > when delivering client PSEs. I tried to use the option > --load-certificate twice while running "certtool --to-p12" but this does > not seem to work. I also tried --load-ca-certificate but that does not > work either. > > What is the right way to include two CA certificates into a PKCS12 file?
Hi! Right now this isn't possible, but I implemented support for this in CVS. I haven't tested the resulting PKCS#12 blob with anything, so I don't know exactly what various programs expect. Unfortunately, there are many ways to store multiple certificates in a PKCS#12 file... Please let me know if/how it works for you. Here is the news entry: ** Certtool --to-p12 can now store more than one certificate in the blob. Before it could only store one certificate, but now it will read and store as many certificate there are from the --load-certificate file. Suggested by Sascha Ziemann <[EMAIL PROTECTED]>. A sample run: [EMAIL PROTECTED]:~/src/gnutls/src$ ./certtool --to-p12 --load-certificate foo.pem > bar.p12 Generating a PKCS #12 structure... Loading certificate list... Loaded 3 certificates. Enter a name for the key: hepp Enter password: [EMAIL PROTECTED]:~/src/gnutls/src$ At least certtool is able to read and parse the result... /Simon _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
