Netscape Certificates, RSA Keys, and GPG?

JanuszA.Urbanowicz JanuszA.Urbanowicz
Fri Jun 29 15:35:01 2001

Justin Wienckowski wrote/napisa=B3[a]:

> My company issues personal certificates (for use by Netscape and IE) as
> part of our PKI services. We're currently trying to extend that
> infastructure to support digital signatures, and guess who gets to develop
> it? ;)
> The short of it is, we're using RSA keypairs in these signed certificates=
> I can extract the RSA public and private keys using openssl's pkcs12 and
> x509 libraries, but neither GPG nor PGP seem to like the resulting
> pem-formatted RSA keypair.
> Any suggestions for how to import these RSA keys into gpg (highly
> preferred) or pgp? I'm not even quite sure what problems I"m running
> into, as I'm not intimately familiar with the PEM message format that
> gpg/pgp are attempting to parse.
You can't do this, period. Certs you are talking about are X509 certs and h= ave completely different structure. You can't make them into OpenPGP keys w/ signatures. The only software for Linux I know of supporting it is Netscape, premail with RIPEM and some mutation of mutt. Alex --=20 C _-=3D-_ H| Janusz A. Urbanowicz | ALEX3-RIPE | SF-F Framling | | = * =09 ; (_O : +-------------------------------------------------------------+ --= +~|=09 ! &~) ? | P=B3yn=B1=E6 chc=EA na Wsch=F3d, za Suez, gdzie jest dobrem ka= =BFde z=B3o | l_|/=09 A ~-=3D-~ O| Gdzie przykaza=F1 brak dziesi=EAciu, a pi=E6 mo=BFna a=BF po d= no; | | =20