[Help-gnutls] Using encrypted keys

Rich Fought whatever at fsrz.net
Mon Feb 20 21:10:54 CET 2006


So far in my project I have been using decrypted server keys and
gnutls_certificate_set_x509_key_file to read them (along with the cert) into
the credentials structure.
 
Now I wish to transition to encrypted keys.  From the documentation here's
what I think I need to do, please let me know if there is an easier or
different way:
 
- Since gnutls_certificate_set_x509_key_file does not support encrypted
keys, I have to read the encrypted key contents into memory and use
gnutls_x509_privkey_import_pkcs8 to get the key into the decrypted
gnutls_x509_privkey type.  (Since I am using OpenSSL to generate my keys, I
will have to convert to PKCS8 with PKCS12 encryption first.)
 
- I then need to read the certificate contents into memory and use
gnutls_x509_crt_import to get it into the gnutls_x509_crt type.
 
- I then need to use gnutls_certificate_set_x509_key to store the imported
cert/key into the credentials structure.
 
Sound right?  The reason I ask is that I need to write Haskell bindings for
these functions and would rather know I am doing the right ones ahead of
time.  :)
 
Thanks,
Rich
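
A pre-flight check for the first step in the message above, as an added example that is not part of the original post or of GnuTLS: it classifies a PEM key file by its BEGIN label and Proc-Type header, so a loader can tell an encrypted PKCS#8 key (the input gnutls_x509_privkey_import_pkcs8 parses) from an OpenSSL traditional-format key that still has to be converted. The enum, the function names and the sample PEM header are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
/* Private-key containers that can be told apart from the PEM text alone. */
typedef enum {
    KEY_UNKNOWN = 0,
    KEY_PKCS8_ENCRYPTED,  /* "ENCRYPTED PRIVATE KEY": PKCS#8, password needed */
    KEY_PKCS8_PLAIN,      /* "PRIVATE KEY": PKCS#8, no password */
    KEY_LEGACY_ENCRYPTED, /* "RSA|DSA|EC PRIVATE KEY" + Proc-Type: 4,ENCRYPTED */
    KEY_LEGACY_PLAIN      /* "RSA|DSA|EC PRIVATE KEY", no encryption header */
} key_kind;

/* Classify a NUL-terminated PEM buffer by its first private-key BEGIN line. */
key_kind classify_pem_key(const char *pem)
{
    static const char begin[] = "-----BEGIN ";
    static const char suffix[] = "PRIVATE KEY-----";
    const size_t slen = sizeof suffix - 1;
    const char *p = pem;
    while ((p = strstr(p, begin)) != NULL) {
        const char *label = p + sizeof begin - 1;
        const char *eol = label + strcspn(label, "\r\n");
        size_t len = (size_t)(eol - label);
        p = eol;
        if (len < slen || memcmp(eol - slen, suffix, slen) != 0)
            continue; /* some other block, e.g. CERTIFICATE */
        if (len == slen)
            return KEY_PKCS8_PLAIN;
        if (len - slen == 10 && memcmp(label, "ENCRYPTED ", 10) == 0)
            return KEY_PKCS8_ENCRYPTED;
        /* Legacy armor marks encryption with an RFC 1421 header after BEGIN. */
        const char *body = eol + strspn(eol, "\r\n");
        return strncmp(body, "Proc-Type: 4,ENCRYPTED", 22) == 0
                   ? KEY_LEGACY_ENCRYPTED : KEY_LEGACY_PLAIN;
    }
    return KEY_UNKNOWN;
}

/* 1 if the file is not PKCS#8 yet and must be converted before PKCS#8 import. */
int needs_pkcs8_conversion(key_kind k)
{
    return k == KEY_LEGACY_ENCRYPTED || k == KEY_LEGACY_PLAIN;
}

int main(void)
{
    /* Constructed sample: header lines only, the body is not real key data. */
    const char *legacy = "-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n";
    printf("convert first: %d\n", needs_pkcs8_conversion(classify_pem_key(legacy)));
}
```

Running the check before import separates a file in the wrong container from a wrong password, which otherwise both surface as a failed key import.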
