Hi James,
I guess IIS recognizes certificates with .cert as file extension. Try
naming the certificate you get out of OPENssl as .cert instead of .pem.
One more thing.. edit the certificate given by OPENssl and see if it has
text in it. If I remember well, openssl certificates have both text and
encoded text in the certificate.
If you open it you should see stuff like subject name, issuer name etc.
IIS doesn't like this format. It only needs the encoded text. So remove
all human readable stuff from the openssl generated certificate. And just
leave everything in between
-----BEGIN CERTIFICATE-----
and
-----END CERTIFICATE-----
including these two lines intact. Then rename the file as whatever.cert
and IIS should recognise it. When I had the same problem I hacked into
openssl code so that it generated only the encoded certificate(commented a
few fprintf statements). I don't know if it is a good practice though.
Thanks
Rakesh
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
