On Fri, May 17, 2002 at 10:27:17PM +0200, Geert Van Muylem wrote: > I want to create a p12 file which holds the secret key and the complete > certificate chain: > What is the "Standard CA store"? > > I've tried the following: > openssl pkcs12 -chain -export -in gvm_cert.pem -inkey gvm_sk.pem -out > gvm_sk.p12 > Loading 'screen' into random state - done > Enter PEM pass phrase: > Error unable to get local issuer certificate getting chain. > -> Generated an Application Error pop-up! > > Can the CA cert be specified by the -in parameter" > D:\OpenLDAP\CCA\Generate>openssl pkcs12 -chain -export -in ca_cert.pem -in > gvm_cert.pem -inkey gvm_sk.pem -out gvm_sk.p12 > Loading 'screen' into random state - done > Enter PEM pass phrase: > Error unable to get local issuer certificate getting chain. > -> Generated an Application Error pop-up!
Make use of the -CAfile (or -CApath) command line option to specify the location where to look for CA certificates: openssl pkcs12 -chain -CAfile ca_cert.pem -export -in gvm_cert.pem ... Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]