Hi, I noticed a strange behaviour while importing certificates generated with openssl 0.9.5 into MS IE4. The context : inside a community of users (let's think of it as an Intranet), we use a self-signed CA. This CA signed my CA. With this CA, I generate users certificates. I use the following oppenssl command to export them to the end users : openssl pkcs12 -chain -export -in newcerts/$serial.pem \ -inkey private/$serial.pem -name "$user" -out "$user.p12" \ -caname $mycaname The certificates can be imported into Netscape 4.x and MS IE5, but not into MS IE4. If I import the certificate into Netscape and reexport it, the resulting certificate can be imported in MS IE4. So what does Netscape's export that "openssl pkcs12 -export" doesn't ? -- Roland Dirlewanger CNRS - Delegation Aquitaine et Poitou-Charentes Esplanade des Arts et Metiers 33402 TALENCE CEDEX Mail : [EMAIL PROTECTED], Tél : 05.57.35.58.52, Fax : 05.57.35.58.01 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]