GnuPG to create CSR

Antony Prince antony at blazrsoft.com
Fri Jan 13 02:06:58 CET 2017


On 1/12/2017 5:35 PM, Antony Prince wrote:
> On 1/12/2017 6:14 AM, Ali Hassan Hamed Al Ajmi (eChannels) wrote:
>>
>> Does *"GnuPG" *support creating CR (CSR) that is compatible with
>> Microsoft CA (from command line/ other tools with GUI)?
> 
> Not sure on that one.
> 
>> If Yes, how to generate a certification request that is compatible with
>> Microsoft CA (CSR)?
> 
> Also not sure.
> 
>> Can you please guide us to a manual /documentation where we will find
>> such information.
> 
> Personally, I use OpenSSL[1] for creating CSR's and signing them. It
> appears that OpenSSL generated CSR's can be signed using Microsoft CA
> according to the documentation in an article[2] I found.
> 
> [1]https://www.openssl.org
> [2]https://support.forcepoint.com/KBArticle?id=How-to-use-OpenSSL-and-Microsoft-Certification-Authority
> 

After considering your question a bit more, I could see that your
purpose might be to create CSR's for existing keys to be signed by your
internal CA. I searched around a bit, but couldn't find anything
specifically about GnuPG and Microsoft CA. For creating x.509 CSR's in
PKCS/#12 format, this[3] is what I could find. I would think that
Microsoft CA should be able to handle a PKCS/#12 CSR, but a quick search
could not confirm that.

[3]https://www.gnupg.org/documentation/manuals/gnupg-devel/Howto-Create-a-Server-Cert.html

--
Antony


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 898 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170112/3d605e09/attachment.sig>


More information about the Gnupg-users mailing list