Netscape Certificates, RSA Keys, and GPG?

[JanuszA.Urbanowicz]

Justin Wienckowski wrote/napisa=B3[a]:

> My company issues personal certificates (for use by Netscape and IE) as
> part of our PKI services.  We're currently trying to extend that
> infastructure to support digital signatures, and guess who gets to develop
> it? ;)

=20
> The short of it is, we're using RSA keypairs in these signed certificates=
.=20
> I can extract the RSA public and private keys using openssl's pkcs12 and
> x509 libraries, but neither GPG nor PGP seem to like the resulting
> pem-formatted RSA keypair.

=20
> Any suggestions for how to import these RSA keys into gpg (highly
> preferred) or pgp?  I'm not even quite sure what problems I"m running
> into, as I'm not intimately familiar with the PEM message format that
> gpg/pgp are attempting to parse.


You can't do this, period. Certs you are talking about are X509 certs and h=
ave
completely different structure. You can't make them into OpenPGP
keys w/ signatures.

The only software for Linux I know of supporting it is Netscape, premail
with RIPEM and some mutation of mutt.

Alex
--=20
C _-=3D-_ H| Janusz A. Urbanowicz | ALEX3-RIPE | SF-F Framling |         | =
  *  =09
 ; (_O : +-------------------------------------------------------------+ --=
+~|=09
 ! &~) ? | P=B3yn=B1=E6 chc=EA na Wsch=F3d, za Suez, gdzie jest dobrem ka=
=BFde z=B3o | l_|/=09
A ~-=3D-~ O| Gdzie przykaza=F1 brak dziesi=EAciu, a pi=E6 mo=BFna a=BF po d=
no;     |   |  =20