Hi
Didier LADNER wrote:
> Perhaps could you add to this file, the code which generates a "EMail Certificate"
>for Netscape?
Netscape only accepts keys in PKCS12 format (standard are great - there's so many to
choose from
<g>)
You need to explore OpenSSL's pkcs12 command. To take a public key in a.pem, a
private key of
b.private and a friendly name of Name, and write it to c.p12 use:
pkcs12 -export -out c.p12 -in a.pem -inkey b.private -name "Name"
You make an email cert like any other certificate to get the .pem and .private files,
but you must
use either the x509 command or use the relevant -x509 option so that the .pem files
has an x509 key
in it (yet another standard!).
On the other hand, your key will only be trusted by those who load, and trust, your CA
key. If you
just want one for your own use, Thawte (http://www.thawte.com) will issue you a free
key (restricted
to email signing only) and then you can join Thawte's Web of Trust (it's a bit like
PGP on drugs).
Luke
--
Luke Ross (Fizzy Razzer) - [EMAIL PROTECTED]
Visit http://lcr.sys3175.co.uk for geek code, other addresses, web page etc.
