Hello all, I am running apache-1.3.19-5 with mod_ssl-2.8.1-5 and openssl-0.9.6-9 on RedHat7.1.
Everything is working perfectly within the Linux world except when I try to export key + certificate into IIS 5.0 (not my choice!). I use "import a certificate from a key manager backup file", then I select my IISNET.key file. It does NOT recognize the password I set up earlier to protect the key file. Following is what I did in my Linux server: - For my self signed CA certificate: openssl genrsa -des3 -out ssl.key/CA.key 1024 openssl req -new -x509 -days 365 -key ssl.key/CA.key -out ssl.crt/CA.crt openssl pkcs12 -export -in ssl.crt/CA.crt -inkey ssl.key/CA.key -out pkcs12/CA.p12 (pkcs12 command to have the ca certificate in pkcs12 format and be able to import it into browsers) - For my IIS server certificate: openssl genrsa -des3 -out ssl.key/IIS.key 1024 openssl req -new -key ssl.key/IIS.key -out ssl.csr/IIS.csr openssl ca -config openssl.cnf -cert ssl.crt/CA.crt -in ssl.csr/IIS.csr -keyfile ssl.key/CA.key \ -days 360 -out ssl.crt/IIS.crt openssl rsa -in ssl.key/IIS.key -outform NET -out ssl.key/IISNET.key (rsa is supposed to change the format of the server private key file to be able to import it into IIS) I did a search in the mailling list, without any success. Any idea of what I am doing wrong. I was thinking of using two files (IIS.crt and IISNET.key), putting together in a single certificate? Any help will be rally appreciated. Thanks. Nicolas ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
