Michael Dingler wrote:
>
> > You need to do...
> >
> > openssl pkcs12 -in xxx.p12 -clcerts -out xxx.pem
> >
> > to only extract client certificates and possibly
> >
> > openssl pkcs12 -in xxx.p12 -cacerts -nokeys -out cas.pem
> >
> > to extract CA certificates.
>
> Oh thanks, that did it. With just the client certificate
> it now runs perfectly. What FM should I have read to
> gather this? Maybe this should get into some kind of
> FAQ... I haven't seen much information about client
> setup on the net, most of the times they're even
> trying to _import_ certs into Netscape.
>
Its mentioned in the NOTES section of the pkcs12 manual page.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
