On Thu, Dec 02, 2004, Lasko, Debra wrote: > Hello! > > I have a question about the PKCS12 command. Originally, I used OpenSSL to > create a CSR and Private Key for a QuickSSL certificate from GeoTrust. Now I > am attempting to create a .p12 or .pfx file from the private and public keys > with no success (it hangs after I enter the passcode for the Private Key). > Has anyone else run into this? >
There's no standard to include public keys in a PKCS#12 file. If you include the private key however this isn't needed. I suspect the command is expecting a certificate and is trying to read one from standard input if nothing else is supplied on the command line. The normal use for a PKCS#12 file is to contain a key and corresponding certificate. In OpenSSL 0.9.7 and earlier you can't just include a private key in 0.9.8-dev you can however. Applications may however misbehave if they are just presented with a private key in a PKCS#12 file. If you just want to store the private key in an encrypted form then there are other commands you can use. The 'pkcs8' command is normally used for this. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
