Rajeev Saini <[EMAIL PROTECTED]> writes: > Hi, > We are trying to integrate GNU TLS windows library with our application > which requires mobile to authenticate a X509 certificate with a TCP Server > and then the communication packets between the two can start. > > My problem is that my test mobile only supports certificate in ..der > format. > The certtool utility in GNU TLS makes certificates in .pem format and if i > rename this .pem format certificate to .der format then the handshaking > between the mobile and server fails.
Yes, the PEM format is a text representation of the DER format. > My server can use the certificate in ..PEM format but my mobile can only > use .der format certificate. > How can i make .der format certificates using certtool (or otherwise) such > that i can use it on my test mobile and it performs successful hanshaking > with the TCP server(which uses .pem or .der certificate from the same > corresponding CA). You can use the --outder flag to certtool when generating the certificate. If you already have a client certificate for the mobile and want to convert it to DER, use: $ certtool -i --infile IN.pem --outder --outfile OUT.der However, this doesn't seem to work! Mea culpa. The output is garbled for some reason. Possibly the --outder flag doesn't work when generating certificates either. I'll see if I can debug this. /Simon _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
