hi Alexander ,all Sorry to bug you again.
I found file that has certificate from IBM information exchange,it is .PFX file. Wiki says for X509 certs: http://en.wikipedia.org/wiki/PKCS that pfx is one of 6 formats in X.509, and it is basically a .P12 - PKCS#12, which may contain certificate(s) (public) and private keys (password protected) at IBM website when getting the certificate from web browser : http://pki.services.ibm.com/ieftp/ie5.shtml the person should put passwd for that file. Later they say that for, e.g. FTP-TLS client, i need to convert PKCS#12 to PEM format http://pki.services.ibm.com/ieftp/webdocs.shtml#ftps_clients by "openssl pkcs12 -in pkcs#12_filename -out pem_filename" and then enter passwords etc... They describe it in : http://pki.services.ibm.com/ieftp/convert2pem.shtml (i would need to split pem into 2 files, private key and client certificate) now when you said: > Password protected keys are not supported yet. Can you tell me if LFTP 3.0.13 will or will not work for me ? ( btw. ssh -V says mentions OpenSSL 0.9.7d on our AIX machine) Or maybe there is workaround ? maybe when i convert it to PEM i can leave the password blank? It is important for me to know this , so to not spend to much time and all... (at moment i'm stuck with testing lftp due to some firewall issues etc., plus i don't have passwd of above .PFX file, my colleague will need to re-export it from his browser with new passwd.) and i hope that my questions are understandable as I'm new to this. Best regards, branko p.s. i hope it will work, then I'll definitely ask management to give some support to lftp developers. ********************************************** Branislav Misovic Canon Europe N.V. System Development Department Tel:+31/(0)20/503-5947 > -----Original Message----- > From: Alexander V. Lukyanov [mailto:[EMAIL PROTECTED] > Sent: Friday, August 12, 2005 8:35 > To: Misovic, B. - Branislav - > Cc: [email protected] > Subject: Re: x.509 authentication supported ? > > > On Fri, Aug 12, 2005 at 04:47:26AM +0200, Misovic, B. - > Branislav - wrote: > > Hence the question, is X.509 supported in LFTP or not? > > It is supported, provided the private key is not encrypted. > Password protected > keys are not supported yet. > > Use these settings: > ssl:key-file > ssl:cert-file > > -- > Alexander.. >
