Re: How to create pfx-file from pem-file (with signed certificate) and private key ?
On Fri December 16 2011, _daxh_ wrote: Hello. I have signed certificate stored in cert.pem file. Also I have private key stored in iPhoneMyBase64PrivateKey.pem. Then I can use the fillowing openSSL comand: $openssl pkcs12 -export -out certificate.pfx -inkey iPhoneMyBase64PrivateKey.pem -in cert.pem to create certificate.pfx, that could be properly installed into iPhone system security stoarage as Security Profile. How to create this pfx file from cert and privatekey without openSSL ? because I need to create it programmatycally on iPhone. I already familiar with ASN.1, I've already read different pdf's at rsa laboratories and etc. But there are a lot of different options, and I can not understand what parts should be encrypted, with what keys, what parts should be signed and so on. So, is it possible to find somewhere somekind of step-by-step guide: Here is the step-by-step of the command you are using: http://cvs.openssl.org/fileview?f=openssl/apps/pkcs12.cv=1.79.2.12 Also found along the same path in your copy of the source. Just ignore the parts that do not apply in your end-use case. Mike 1) Encypt signed cert with public key 2) Create key safebag . ...) add octet string with BER encoding . ...) Concatenate all data in SEQUENCE and so on Any information will be the great help: comments, links and so on. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: How to create pfx-file from pem-file (with signed certificate) and private key ?
On Fri, Dec 16, 2011, Michael S. Zick wrote: On Fri December 16 2011, _daxh_ wrote: Hello. I have signed certificate stored in cert.pem file. Also I have private key stored in iPhoneMyBase64PrivateKey.pem. Then I can use the fillowing openSSL comand: $openssl pkcs12 -export -out certificate.pfx -inkey iPhoneMyBase64PrivateKey.pem -in cert.pem to create certificate.pfx, that could be properly installed into iPhone system security stoarage as Security Profile. How to create this pfx file from cert and privatekey without openSSL ? because I need to create it programmatycally on iPhone. I already familiar with ASN.1, I've already read different pdf's at rsa laboratories and etc. But there are a lot of different options, and I can not understand what parts should be encrypted, with what keys, what parts should be signed and so on. So, is it possible to find somewhere somekind of step-by-step guide: Here is the step-by-step of the command you are using: http://cvs.openssl.org/fileview?f=openssl/apps/pkcs12.cv=1.79.2.12 Also found along the same path in your copy of the source. Just ignore the parts that do not apply in your end-use case. While that will work the pkcs12.c application is a general purpose PKCS#12 file creator which may well be more complex than the OPs needs. There is also a much simpler PCKS12_create() function with and example in demos/pkcs12/pkwrite.c however that assumes you have OpenSSL available on the iPhone (not sure about that). An alternative might be to find out what happens when you import a PKCS#12 file (i.e. the API it uses to import a certificate and private key) and use those directly on the PEM files without going through an intermediate PKCS#12 files. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: How to create pfx-file from pem-file (with signed certificate) and private key ?
On Friday 16 Dec 2011 12:45:11 you wrote: On Fri, Dec 16, 2011, Michael S. Zick wrote: On Fri December 16 2011, _daxh_ wrote: Hello. I have signed certificate stored in cert.pem file. Also I have private key stored in iPhoneMyBase64PrivateKey.pem. Then I can use the fillowing openSSL comand: $openssl pkcs12 -export -out certificate.pfx -inkey iPhoneMyBase64PrivateKey.pem -in cert.pem to create certificate.pfx, that could be properly installed into iPhone system security stoarage as Security Profile. How to create this pfx file from cert and privatekey without openSSL ? because I need to create it programmatycally on iPhone. I already familiar with ASN.1, I've already read different pdf's at rsa laboratories and etc. But there are a lot of different options, and I can not understand what parts should be encrypted, with what keys, what parts should be signed and so on. So, is it possible to find somewhere somekind of step-by-step guide: Here is the step-by-step of the command you are using: http://cvs.openssl.org/fileview?f=openssl/apps/pkcs12.cv=1.79.2.12 Also found along the same path in your copy of the source. Just ignore the parts that do not apply in your end-use case. While that will work the pkcs12.c application is a general purpose PKCS#12 file creator which may well be more complex than the OPs needs. There is also a much simpler PCKS12_create() function with and example in demos/pkcs12/pkwrite.c however that assumes you have OpenSSL available on the iPhone (not sure about that). An alternative might be to find out what happens when you import a PKCS#12 file (i.e. the API it uses to import a certificate and private key) and use those directly on the PEM files without going through an intermediate PKCS#12 files. Steve. Not sure if the OP has seen this or if they meet his needs: https://github.com/rae/build-openssl-iphone -- Regards, Mick signature.asc Description: This is a digitally signed message part.
