Importing certificates with a Private Key
Novell Cool Solutions: Tip
Digg This -
Posted: 24 Aug 2005
A reader recently asked the following question about importing certificates:
"I want to import an external User Certificate with the Private Key to eDirectory. Is this possible? I was only able to do this without the Private Key."
And here's the reply from Forum participant C Perry:
We were able to do this by creating a .pfx file that contains the private key and the certificate. We ran this command to create the pfx:
openssl pkcs12 -clcerts -export -inkey MDC-SSL.key -in MDC-Star.crt - out NW.pfx
Here are the basic steps:
- Ask your certificate authority for their root level certificate in a pem file (we grabbed it out of ca-bundle.pem).
- Take the chain cert from Chain.crt.
- Take the private key from MDC-SSL.key.
- Take the HMDC Star cert from MDC-Star.crt.
- Combine into one file (in the order specified).
- Name the file SOMETHING.pem.
- Now run openssl on it:
openssl pkcs12 -clcerts -export -in SOMETHING.pem -out SOMETHING.pfx
- Then import that SOMETHING.pfx through ConsoleOne.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com