Hello Stefan, the openssl pkcs12 comman expects the private key and all certificates to be in the base64-encoded PEM format. There is no -inform option which would support DER-encoded files.
If you are using the ipsec pki commands then you must explicitly output the keys/certificates in PEM format. Regards Andreas On 06.01.2012 13:52, Stefan Malte Schumacher wrote: > Dear members of the strongSwan-Community > > I am trying to create an encrypted connection between my home server > "Mars" and my laptop "Deimos". I have created a CA as well as keys and > certificates for each of my peers according to the instruction at > http://wiki.strongswan.org/projects/strongswan/wiki/SimpleCA. Now I > want to create the necessary pk12-file which I can import in Windows 7 > on "Deimos". According to my information the necessary command should > be as follows: "openssl pkcs12 -export -inkey deimosKey.der -in > deimosCert.der -name "Deimos" -certfile caCert.der -caname "Stefan > Malte Schumacher CA" -out deimos.p12". Unfortunately I only get an > error message "unable to load private key" despite the fact that the > deimosKey.der is containted in the current working directory. What am > I doing wrong? > > Sincerely > Stefan Malte Schumacher ====================================================================== Andreas Steffen [email protected] strongSwan - the Linux VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[ITA-HSR]==
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
