Hi All, First message to the list!
I have created a PKCS12 certificate and imported it into Kmail. However, when
I try to select it as the preferred key for my email account, it comes up
with a red x across the key symbol. I take this to mean that it is
unsuitable. When I check it with Kleopatra I see this under Dump:
============================================
keyType: 4096 bit RSA
subjKeyId: [?]
authKeyId: [?]
keyUsage: [error: No value]
extKeyUsage: [none]
policies: [none]
chainLength: [error: No value]
crlDP: [error]
authInfo: [error]
subjInfo: [error]
============================================
It also shows under Details:
============================================
Can be used for signing No
Can be used for encryption No
Can be used for certification No
Can be used for authentication No
============================================
gpgsm also spits out some errors:
============================================
validity: 2007-05-19 18:12:12 through 2010-05-18 18:12:12
key type: 4096 bit RSA
key usage: [error: No value]
chain length: [error: No value]
============================================
However, when I am examining the email.crt certificate I created with openssl
x509, which I later fed into openssl pkcs12 to create the pkcs12 certificate
everything seems to be in order:
============================================
Certificate purposes:
SSL client : Yes
SSL client CA : No
SSL server : Yes
SSL server CA : No
Netscape SSL server : Yes
Netscape SSL server CA : No
S/MIME signing : Yes
S/MIME signing CA : No
S/MIME encryption : Yes
S/MIME encryption CA : No
CRL signing : Yes
CRL signing CA : No
Any Purpose : Yes
Any Purpose CA : Yes
OCSP helper : Yes
OCSP helper CA : No
============================================
Any ideas what I've done wrong?
--
Regards,
Mick
pgpdwzzLlEOuO.pgp
Description: PGP signature
