Problem importing Certs in Netscape windows.

[Francisco Javier Martínez Martínez]

Hello. Recently I had setup a test CA. I had created and signed a few certificates with openssl, whichs can be imperted in PKCS12 format without problems into Linux Netscape, I had tested encripted and signed emails succefully, but when I had tried to import the same certificates into Windows Netscape the system says: 'it can´t be imported because they are no valids certificates or may be corrupted'. Some time ago I read that this could be something related with the headers of the certificate in 'PEM' format that it expects that start with or without something. Anyone can told what I should to do or what is wrong. In outlook works fine.   To generate the cliebnt certificates:    1. Genering private keys.                       # openssl genrsa -rand ./private/.rand.dat -des3 1024 > xxkey.pem   2. Genering CSR                     # openssl req -new -config openssl.cnf -key xxkey.pem -out xxreq.pem  3. Signing the CSR.                       # openssl ca -config openssl.cnf -in xxreq.pem -out xxcert.pem    4.1. Exporting in Netscape PKCS12 format.                       # openssl pkcs12 -export -in xxcert.pem -inkey xxkey.pem -out xx.p12    4.2. Exporting MS Ootlook PKCS12 format.                       # openssl pkcs12 -export -in xxcert.pem -inkey xxkey.pem  -keysig -keyex -out xx.pfx   Thanks in advance.