The mapping seems a little strange. In openssl, there are 2 friendlyName entries; 2 holding a certificate, and one holding a certificate and a private key. In java, all 3 certificates and 1 private key are stored under the same alias, and the 2 individual certificates are stored in a certificate chain.
Thank you for your help.
Muralidhar K (SSG) - CTD, Chennai. wrote:
Hi Mark,--
Can you tell me the Java SDK version ?
In PKCS12, a container consists of a private key and a corresponding
certificate chain. This can be associated with a friendly name. If you
PKCS12 file contains only one container, then it should return one friendly
name.
Regards,
Murali
-----Original Message-----
From: Mark W. Webb [mailto:[EMAIL PROTECTED]]
Sent: Thursday, November 21, 2002 8:44 PM
To: [EMAIL PROTECTED]
Subject: PKCS12 question
I am working on a java program that parses PKCS12 Certificates. I am able to pull out my public and private key with no problem. When I use the command :
openssl pkcs12 -in test.p12 -info
I am shown 3 certificates; mine, and 2 from verisign. I am assuming that these verisign certificates are in the PKCS12 file, but I cannot figure out how to access them in java. What the Java API refers to as aliases, appears to be called "friendlyName" in the openssl output from the command above. The KeyStore.aliases() function only returns my alias(Mark W. Webb's VeriSign ID), the openssl command lists 3 friendly names :
Mark W. Webb's VeriSign ID
VeriSign Class 2 OnSite Individual CA - VeriSign, Inc.
Verisign Class 2 Public Primary Certification Authority - G2
Am I missing something, is java lacking the capabilities of openssl, or something else?
Thank you for your time and help.
Mark Webb
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Mark Webb
Software Engineer
Dolphin Technology
1300B Floyd Ave
Rome, NY 13440
Phone: (315) 334-4892 x222
Fax: (315) 339-4846
Email: [EMAIL PROTECTED]
*****************************************
As of December 9, 2002, the address of Dolphin Technology, Inc. will change to:
474 Phoenix Drive
Rome, NY 13441-4911
Our new telephone and fax numbers will be:
Phone 315.838.7000 Fax 315.339.4846
*****************************************
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
