Hi, is there a way to set bag attributes in PKCS#12 files using the openssl pkcs12 or any other openssl command? I searched the mailinglist archives and the openssl documentation but to no avail. It seems there once was a patch for openssl to get OID 1.3.6.1.4.1.311.17.2 into the bag attributes but that was not complete since it's value could not be set to be empty - or so I understood. Did this patch make it into the current stable openssl release?
I'd like to set bag attributes like 1.3.6.1.4.1.311.17.2: <No Values> localKeyID: 01 00 00 00 Microsoft CSP Name: Microsoft RSA SChannel Cryptographic Provider friendlyName: 5866... Key Attributes X509v3 Key Usage: 10 for the private key and bag attributes like localKeyID: 01 00 00 00 friendlyName: Test-Server for the certificate. I am aware of the -name and -caname options of the pkcs12 command setting these friendly names. I understand that a PKCS#12 file needs the bag attribute with OID 1.3.6.1.4.1.311.17.2 to trigger a direct import of the key and certificate into the LOCAL_MACHINE sub-tree of Microsofts Certificate Manager MMC snap-in. Any hints are appreciated. Thanks. -- Kind Regards Reimer Karlsen-Masur -- 14. DFN-CERT Workshop und Tutorien, CCH Hamburg, 7.-8. Februar 2007 Infos/Anmeldung unter: https://www.dfn-cert.de/events/ws/2007/ -- Dipl.-Inform. Reimer Karlsen-Masur (PKI Team), DFN-CERT Services GmbH https://www.dfn-cert.de, +49 40 808077-615 / +49 40 808077-555 (Hotline) PGP RSA/2048, 1A9E4B95, A6 9E 4F AF F6 C7 2C B8 DA 72 F4 5E B4 A4 F0 66
smime.p7s
Description: S/MIME Cryptographic Signature
