If it's exported as a DER file, it's already in an X509 structure. If it's exported as a PKCS#12 file, then OpenSSL has tools for parsing that too. I don't really understand what your problem is.
MS's cryptography system is built around the concept of FIPS compliance. That means that it's almost impossible to get the certificates and keys out of it without going through its defined interfaces. This means, on windows 2000+, using certmgr.msc to manage them and export them to DER or P12. -Kyle H On 4/27/06, Matthieu BONETTI <[EMAIL PROTECTED]> wrote: > Hello, > > I agree on the fact that MS can import/export certificates in DER format (and > pk12 as well). > I'm not familiar with MS system and MS programmation but I understood that > Windows really stores > certificates in pieces (In the registry, in files in UserData directory). So > what I need is to > get the certificate (with MS Capicom API) and change it to feet into a X509 > structure. > > That way, it would be possible for me to use the certificate with OpenSSL. > > On Thu, 27 Apr 2006 12:19:33 +0400 (MSD), [EMAIL PROTECTED] wrote: > > I think yes. MS stores certificates in DER format. You can pass it to > > OpenSSL with "-inform DER" key. Or you can convert DER to PEM with > > OpenSSL. > > > > > >> Hello, > >> > >> Is there a way to use Microsoft stored certificates with OpenSSL? I > > can\'t find anything on this. > >> I can access to those certificates using CAPICOM, but OpenSSL requires a > > PEM file. > >> > >> Regards, > >> > >> -- > >> Matthieu Bonetti > >> Mobile. +33 684 957 844 - Portable. 06 84 95 78 44 > >> > >> ______________________________________________________________________ > >> OpenSSL Project http://www.openssl.org > >> User Support Mailing List openssl-users@openssl.org > >> Automated List Manager [EMAIL PROTECTED] > >> > > > > > > ______________________________________________________________________ > > OpenSSL Project http://www.openssl.org > > User Support Mailing List openssl-users@openssl.org > > Automated List Manager [EMAIL PROTECTED] > -- > Matthieu Bonetti > Mobile. +33 684 957 844 - Portable. 06 84 95 78 44 > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
