On Dec 20, 2004, at 12:16 PM, Bill Rising wrote:
> On Dec 20, 2004, at 11:08, Lee Larson wrote:
>
>> On Dec 19, 2004, at 10:33 PM, someone claiming to be Bill Rising
>> asked:
>>
>>> Q: I need to use my certificate on another machine. How do I
>>> export my certificate from my Keychain?
>
> Lee or Jerry,
>
> If I go and request new certs from Thawte, will it mess up other's who
> already have a cert from me? If not, maybe I'll go do this. What I
> don't remember is this: I had had the keys on both machines earlier,
> and all the problem started up only because I had to replace the hard
> drive in the machine at home. I still don't understand why fetching
> the same key from Thawte doesn't work. Any idears?
>
In mostly all cases their mail reader will be able to understand and
decrypt the messages (Mail will send the latest cert in your keychain).
BUT, their emailer may have troubles replying to your message using the
encrypted stuff, because some will use the older cert to send out the
encrypted message, uh I am aware of at least one well known and beloved
mail app that certainly does this. Just tell them to open their
keychain and delete all certs from you, then send them a new signed
message and you will be back on track. I am not certain about your
second question, it could be a variety of things.
Jerry
>>
>> You might recall I had this same problem last spring. I was forced to
>> conclude there is no way to extract a private key from a keychain.
>> The key can apparently be moved to other Macs by moving the whole
>> keychain file to the other Mac, but this doesn't help when moving to
>> Linux or Windows.
>
> I might try doing this, though it is a pretty clumsy solution.
>
>>
>> After trolling the Web for a few weeks, I finally broke down and
>> asked someone I know who works at Apple. After asking around, she
>> basically said that at that time there was no way to extract public
>> keys. I don't think this has changed, and I think it's a big
>> oversight in the keychain utility.
>>
>> I was finally forced to throw out my private keys and generate new
>> ones. The second time around, I did it with Mozilla instead of
>> Safari. Then I burned the key files to a CD and imported them
>> everywhere I needed them.
>
> OK. That's a plan.
>
> Thanks,
>
> Bill
>
>
-----------------------------------
Someday, I will come up with a clever signature line. I am not sure if
I will use it or not, but I will come up with one.
| The next meeting of the Louisville Computer Society will
| be January 25. The LCS Web page is <http://www.kymac.org>.
| List posting address: <mailto:macgroup at erdos.math.louisville.edu>
| List Web page: <http://erdos.math.louisville.edu/macgroup>
