On Thu, Jun 13, 2002, Hellan,Kim KHE wrote: > For whatever stupid reason, MS has decided that a "renew certificate" on a MS IIS5, >Windows 2000 SP1, should result in a request in PKCS#7 format. > It looks like a normal PKCS#10 request in PEM with > ----- BEGIN NEW CERTIFICATE REQUEST ----- > ..... > ..... > ----- END NEW CERTIFICATE REQUEST ----- > header, but the content is a signed PKCS#7, where the signed data is the actual >PKCS#10 request. > > Is there any "magic" you can do with the OpenSSL commandline tool to transform this >obscure request into a normal PKCS#10 request? >
Well you could try changing the headers to PKCS7 then trying something like: openssl smime -verify -inform PEM -in p7req.pem -noverify -out req.der If that doesn't help, could you post a complete example? Steve. -- Dr. Stephen Henson [EMAIL PROTECTED] OpenSSL Project http://www.openssl.org/~steve/ ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
