> From: owner-openssl-us...@openssl.org On Behalf Of Santhosh Kokala > Sent: Wednesday, 20 February, 2013 19:33
> I get this error when I try to convert it to PEM format. > > > [~]$ openssl pkcs7 -in ca_ra_cert.bin -print_certs > unable to load PKCS7 object > 140065214732104:error:0906D06C:PEM routines:PEM_read_bio:no > start line:pem_lib.c:698:Expecting: PKCS7 > See below. > [~]$ openssl asn1parse -in ca_ra_cert.bin -inform der > -strparse 0 -out test | less -strparse 0 -out $file is silly, that just copies the (valid) file you already have. See below. > -----Original Message----- > From: owner-openssl-us...@openssl.org > [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson > Sent: Wednesday, February 20, 2013 3:51 PM <snip> > Or openssl asn1parse, likely available to anyone asking here > even on non-Linux; with -inform der if applicable which it is > here (easily determinable with any kind of octal or hex dump > or a good guess for anything that doesn't look like base64). <snip> > "openssl pkcs7 -in $file -print_certs" displays the three > certs (each) in PEM, which you can cut apart with any > reasonable editor. The two child certs may or may not be > useful; the CA cert apparently won't. > Sorry I left it out, but you might have put 2 and 2 torgether; "openssl pkcs7" like asn1parse needs -inform der if the file is DER, which yours is. > Or less convenient you can use > openssl asn1parse -in $file -inform der > -strparse $offsetpercert -out $derfilepercert to get each > cert in DER in a file, and then use > openssl x509 -in $certder -inform der -out $certpem to > convert each to PEM. With the same results. > For the three certs in yhour message the -strparse offsets would be 45 1523 2983 . ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
