Importing keys

John Clizbe JPClizbe at comcast.net
Thu Sep 15 08:12:41 CEST 2005 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Bob Henson wrote:
> Thanks, that's what I was trying to find out. I was confused by all the
> formats (and their extensions) for sharing information - .pfx .p7b .cer etc.
> I was trying to use data from Windows and import to GPG. As you remark, the
> extension is irrelevant, so long as the file is DER encoded binary (
> possibly base 64 as well? - I haven't tried that). I have managed (don't ask
> me how) to get what appears to be a working x.509 certificate from Thawtes
> onto my GPG keyring, and have self signed it. I thought I'd have a go at
> getting another onto the keyring, but didn't know what format to export it
> from Windows. It would appear that I can only export the *public* keys from
> the X.509 certs as binary files - the key pairs will only export in .pfx
> format, which GPG won't import, so I guess it's some sort of Windows
> proprietary format.

Backup from Mozilla/Firefox/Netscape as .p12
Backup from IE as .pfx

Import it to OpenPGP format using PGPkeys from PGP 8 or 9.

Then you can export pub and secret key to an .asc for importing to GPG. Or
you can CTRL-C to copy the key in PGPkeys and import from clipboard with
WinPT or GPGshell.

The PGP-Basics Yahoo! group can help you a lot more on this. Several of the
folks there have loaded X.509 Certs into PGP.


- --
John P. Clizbe                   Inet:   JPClizbe(a)comcast DOT nyet
Golden Bear Networks             PGP/GPG KeyID: 0x608D2A10
"Be who you are and say what you feel because those who mind don't matter
and those who matter don't mind." - Dr Seuss, "Oh the Places You'll Go"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3-cvs-3891-2005-09-13 (Windows 2000 SP4)
Comment: When cryptography is outlawed, b25seSBvdXRsYXdzIHdpbGwgdXNlIG
Comment: Be part of the £33t ECHELON -- Use Strong Encryption.
Comment: It's YOUR right - for the time being.
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFDKRDYHQSsSmCNKhARAqfUAKDwnVHijl2hQ5kEQOusz23KuPrcigCg/cC8
GSKjHTanajNrHqmk/nTuxsk=
=TwDD
-----END PGP SIGNATURE-----

More information about the Gnupg-users mailing list