Netscape Certificates, RSA Keys, and GPG?
JanuszA.Urbanowicz
JanuszA.Urbanowicz
Fri Jun 29 15:35:01 2001
Justin Wienckowski wrote/napisa=B3[a]:
> My company issues personal certificates (for use by Netscape and IE) as
> part of our PKI services. We're currently trying to extend that
> infastructure to support digital signatures, and guess who gets to develop
> it? ;)
=20
> The short of it is, we're using RSA keypairs in these signed certificates=
.=20
> I can extract the RSA public and private keys using openssl's pkcs12 and
> x509 libraries, but neither GPG nor PGP seem to like the resulting
> pem-formatted RSA keypair.
=20
> Any suggestions for how to import these RSA keys into gpg (highly
> preferred) or pgp? I'm not even quite sure what problems I"m running
> into, as I'm not intimately familiar with the PEM message format that
> gpg/pgp are attempting to parse.
You can't do this, period. Certs you are talking about are X509 certs and h=
ave
completely different structure. You can't make them into OpenPGP
keys w/ signatures.
The only software for Linux I know of supporting it is Netscape, premail
with RIPEM and some mutation of mutt.
Alex
--=20
C _-=3D-_ H| Janusz A. Urbanowicz | ALEX3-RIPE | SF-F Framling | | =
* =09
; (_O : +-------------------------------------------------------------+ --=
+~|=09
! &~) ? | P=B3yn=B1=E6 chc=EA na Wsch=F3d, za Suez, gdzie jest dobrem ka=
=BFde z=B3o | l_|/=09
A ~-=3D-~ O| Gdzie przykaza=F1 brak dziesi=EAciu, a pi=E6 mo=BFna a=BF po d=
no; | | =20