Hi,
I'm new to this list, and I did not find anything obvious matching my
problem in the mail archives, so please excuse me if it's a FAQ or if
the question is silly.
I'm using OpenSSL 0.9.5a to sign messages with a certificate that I
have exported from Netscape and converted to PEM format with 'openssl
pkcs12'.
My problem is that I can't find how to protect my private key. To have
an explict ----BEGIN RSA PRIVATE KEY---- section in the PEM file, I
need the -nodes option to the pkcs12 command, otherwise the private is
is hidden in the certificate. But in the -nodes case the private key
is not protected at all.
It seems that the openssl smime -sign need an explicit RSA private key
in the file passed to -signer or in the file specified with
-inkeys. (It barfs if I use -signer with the certificate generated
with 'openssl pkcs12' without the -nodes option). So, how can I
generate a private key file protected by a pass phrase for use with
'openssl smime -sign ...' ?
Thanks in advance.
--
Matthieu
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]