I think yes. MS stores certificates in DER format. You can pass it to OpenSSL
with -inform DER key. Or you can convert DER to PEM with OpenSSL.
Hello,
Is there a way to use Microsoft stored certificates with OpenSSL? I can\'t
find anything on this.
I can access to those certificates
Technically, DER is Distinguished Encoding Rules, a subset of Basic
Encoding Rules.
OpenSSL can use '-inform DER' to state that it's in DER instead of PEM.
PEM is just an ASCII-64 version (akin to uuencoding) of the DER data.
[and don't get me started on XER.]
-Kyle H
On 4/27/06, [EMAIL
Hello,
I agree on the fact that MS can import/export certificates in DER format (and
pk12 as well).
I'm not familiar with MS system and MS programmation but I understood that
Windows really stores
certificates in pieces (In the registry, in files in UserData directory). So
what I need is to
If it's exported as a DER file, it's already in an X509 structure. If
it's exported as a PKCS#12 file, then OpenSSL has tools for parsing
that too. I don't really understand what your problem is.
MS's cryptography system is built around the concept of FIPS
compliance. That means that it's
On Thu, Apr 27, 2006, Matthieu BONETTI wrote:
Hello,
I agree on the fact that MS can import/export certificates in DER format (and
pk12 as well).
I'm not familiar with MS system and MS programmation but I understood that
Windows really stores
certificates in pieces (In the registry, in
Hello,
Is there a way to use Microsoft stored certificates with OpenSSL? I can't find
anything on this.
I can access to those certificates using CAPICOM, but OpenSSL requires a PEM
file.
Regards,
--
Matthieu Bonetti
Mobile. +33 684 957 844 - Portable. 06 84 95 78 44
Hello,
Thanks for your answer but it wasn't what I need. I forgot to say it was
question about programming with OpenSSL API.
I need to port a small application using openssl to make TLS tunnels.
This application use SSL_CTX_use_certificate_chain_file(ctx, certfile)); to
load the client
Matthieu BONETTI wrote:
The thing is I need to
import a specific certificate from Certificate Store
on Microsoft Windows and dump it into SSL_CTX_use_certificate_chain_file
(or an equivalement function).
I think you can use d2i_X509() and X509_STORE_add_cert()
I used crypoapi to get a cert