> From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
> us...@openssl.org] On Behalf Of Tom Francis
>
> > openssl pkcs12 -export -out mypkcs12.pfx -inkey my.private.key -in
> mycert.crt -certfile intermediate.crt -CAfile ca.crt
> > (Correct?)
So ... I just tried this, and confir
> From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
> us...@openssl.org] On Behalf Of Michael Wojcik
>
> For someone who does want more background in cryptography, I'd
> recommend Schneier's /Applied Cryptography/ over /Cryptography
> Engineering/. The latter is for people implementing
> From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
> us...@openssl.org] On Behalf Of Dave Thompson
>
> - the truststore if -CAfile and/or -CApath specified IF NEEDED
Thank you very much for your awesome detailed answer. This answers a lot of
questions, but I am left with a new one:
> From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
> us...@openssl.org] On Behalf Of Kaushal Shriyan
>
> I am new to SSL/TLS Certificates. Please help me understand what is the
> difference between ROOT CA Certs and Intermediate Certs or Chain Certs. I
> will appreciate if i can refer
A bunch of things on the internet say to do "-cafile intermediate.pem -cafile
root.pem" or "-certfile intermediate.pem -certfile root.pem" and they
explicitly say that calling these command-line options more than once is ok and
will result in both the certs being included in the final pkcs12...
At work, we develop software in .NET, currently using the built-in SslStream
class, and I'm considering abandoning it.
Is Openssl recommended for SSL/TLS communications in .NET? And if so, should I
just download the win binaries from
http://slproweb.com/products/Win32OpenSSL.html ?
I'm inter