using gpg with private keys from openssl certificates?

arghman jmsachs at
Wed Dec 17 18:43:01 CET 2008

I'm experimenting w/ using the "freemail" certificates from thawte & was just
wondering if there is a way I can use them with gpg (openpgp, NOT S/MIME). I
can figure out how to use openssl to extract the rsa public key / private
key from the exported PKCS12 file, but I'm not sure how (or if) there was a
way to import that to gpg. I'm also missing some big picture issues, e.g.:

* is this a bad idea?
* if I sign a message with that key pair, and someone challenges my
identity, what's the best/easiest way for me to prove my identity? do I just
send them the certificate or a portion extracted thereof?
* is there a tutorial on openpgp, S/MIME, openssl certificates as to what
the different cryptographic assertion primitives are, from the standpoint of
a user who treats the algorithms/tools as a black box? (I've been interested
in RSA & public key encryption for 20+ years from a math standpoint, but as
a software user I just want to do things correctly) e.g.: "a certificate is
{a public key, identity information corresponding to that public key} signed
by a well-known Certificate Authority (CA) to assert that the Certificate
Authority asserts the public key belongs to the entity designated in the
certificate", "to verify a certificate, you use {program X with these
command-line options} to verify that CA's signature is valid"

This is as confusing as looking at plumbing pipes/fittings to me: I know
what the individual pieces do, I just have trouble understanding their
function in an overall cryptographic framework.
View this message in context:
Sent from the GnuPG - User mailing list archive at

More information about the Gnupg-users mailing list