Marco Donati wrote:
I've solved my problem and I'd like to thank everybody who wrote me.
I modified my low level sequence (the code I posted) to build a pkcs12
bundle with one bag, keeping "shrouded" private key, so i used
PKCS12_MAKE_SHKEYBAG/PKCS12_pack_p7data INSTEAD of
Marco Donati wrote:
I generate the key, then use it to sign a certificate request (PKCS#10).
The PKCS#10 is sent to a CA.
When the certificate is issued by the CA it is downloaded (via LDAP) and
stored into the original P12 with its key
I need it in PKCS12 for compatibility with
Marco Donati wrote:
PKCS#12 files under OpenSSL are intended to have a key and a matching
certificate. AFAIK the same is true of Windows and Netscape
import/export routines.
yes, but what if you stil have to request it to a CA...
What do you want a private key alone in PKCS#12