I�m sorry, my mistake. It�s the client-cert that I will distribute, and so it�s the client-cert that could not have any private key. When you say I should put the two files in a single one you mean the CA and the private key? If so, I just have to concat the private key in the CA file? I�m sorry if these questions seem to dump. Thanks again. Wiliian Persk
>From: Tarassov Vadim <[EMAIL PROTECTED]> >Reply-To: [EMAIL PROTECTED] >To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]> >Subject: AW: AW: >Date: Fri, 18 Jan 2002 12:50:47 +0100 > >Hallo Willian, > >sure it is possible that I am talking BS, so please sorry in advance. First >of all, when you talking about mozilla, you mean that browser, right? >Importing certificate (public and private key) into the browser together >with CA public key (or keys) does not mean that browser will send your >private key to the world. Browser would need your private key in order to >sign messages or decrypt messages encrypted with your public key. > >Why do you think that browser is going to send your private key to someone? > >Well, to your question "Is that true?" I would say "No". > >Regards, Vadim Tarassov. > >-----Urspr�ngliche Nachricht----- >Von: Coronel Persk [mailto:[EMAIL PROTECTED]] >Gesendet am: Freitag, 18. Januar 2002 12:00 >An: [EMAIL PROTECTED] >Betreff: Re: AW: > > >I�ve heard that putting these two files into one reduces its security to >zero since I�m sending my private key together. Is that true? > >Thanks for your help. > >Willian Persk > > >From: Tarassov Vadim <[EMAIL PROTECTED]> > >Reply-To: [EMAIL PROTECTED] > >To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]> > >Subject: AW: > >Date: Thu, 17 Jan 2002 15:42:59 +0100 > > > >Hallo Willian > > > >if you don't have anything against using PKCS12, try to collect your DER > >encrypted certificates into PKCS12 keystore. The way it could work > >1) using openssl convert DER to PEM (use openssl x509 help to get info on > >required args). > >2) cut files you got in previous step into one single file > >3) using openssl pkcs12 convert resulting file into pkcs12 format (use > >openssl pkcs12 help to get info on required args). > > > >If I don't confuse anything I did something similar already. > > > >Hope it helps, Vadim Tarassov. > > > >-----Urspr�ngliche Nachricht----- > >Von: Coronel Persk [mailto:[EMAIL PROTECTED]] > >Gesendet am: Donnerstag, 17. Januar 2002 15:19 > >An: [EMAIL PROTECTED] > >Betreff: > > > > > > > >I�m new in this list(and with openssl stuff) and I�m having some trouble > >with openssl and mozilla. > >I create my CA and my client cert (both .der files) but mozilla doesn�t > >accept them. it says that they are not in pkcs12 format and could not be > >imported. > >If someone has any answer, to this please help me. > > > >Willian Persk > > > >_________________________________________________________________ > >Chat with friends online, try MSN Messenger: http://messenger.msn.com > > > >______________________________________________________________________ > >OpenSSL Project http://www.openssl.org > >Development Mailing List [EMAIL PROTECTED] > >Automated List Manager [EMAIL PROTECTED] > >______________________________________________________________________ > >OpenSSL Project http://www.openssl.org > >Development Mailing List [EMAIL PROTECTED] > >Automated List Manager [EMAIL PROTECTED] > > > > >_________________________________________________________________ >Send and receive Hotmail on your mobile device: http://mobile.msn.com > >______________________________________________________________________ >OpenSSL Project http://www.openssl.org >Development Mailing List [EMAIL PROTECTED] >Automated List Manager [EMAIL PROTECTED] >______________________________________________________________________ >OpenSSL Project http://www.openssl.org >Development Mailing List [EMAIL PROTECTED] >Automated List Manager [EMAIL PROTECTED] _________________________________________________________________ Join the world�s largest e-mail service with MSN Hotmail. http://www.hotmail.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
