On 11 December 2012 22:19, Hurt,Trenton W. <[email protected]> wrote: > No I’m actually using Idengines. I have exported including the key, and now > have a .pfx file. I need a .pem and private key file from the pfx file. I > have tried a few different openssl commands on the pfx file, but have yet to > get the right combo for the server. >
IIRC+AFAIK IdEngines uses freeradius underneath. If that's true you can do: openssl pkcs12 -in yourcert.pfx -out cert-with-key.pem –nodes to get your key and certificate in PEM format in one file. Then split cert-with-key.pem in to two files [e.g. duplicate the file and delete the bit you don't want from each with a text editor] - one file then has just your private key in it, one then has just your server-cert in it. Then add the root ca cert and any chaining certs to your server cert *in order* (server-cert first [top of file], then any chaining [in order], then root [bottom of file]) e.g. cat my-server.pem chain1.pem chain2.pem root.pem > combined.pem The combined.pem and your-key.pem should be the two files you need. Kind regards, James -- James J J Hooper Senior Network Specialist, University of Bristol http://www.wireless.bristol.ac.uk -- ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
