[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Help-gnutls] Exporting a PKCS#12 structure without the private key
From: |
Fabian Fagerholm |
Subject: |
[Help-gnutls] Exporting a PKCS#12 structure without the private key |
Date: |
Mon, 08 Nov 2004 21:44:10 +0200 |
Hi!
I've created a PKCS#12 file using gnutls certtool to distribute a
certificate to some clients. However, it seems that certtool includes
both the certificate and the private key in that file. But I absolutely
do not want to distribute the key, only the certificate.
From rom rom reading the OpenSSL mailing lists, I've learned that PKCS#12 files
typically include both the certificate and the private key, but that it
isn't stricly neccessary. A development version of OpenSSL can generate
PKCS#12 files with either only the certificate or only the key. This
option was not available before, because some programs had trouble
handling such files.
I also read that the certificate might be put into a PKCS#7 structure
and the key in a PKCS#8 structure, but I have no idea if these formats
are supported anywhere. Certtool seems to support PKCS#8 keys, but I
don't know how that is going to help.
Can certtool be used to put only the certificate into a PKCS#12
structure? Or is there another format besides PEM that would allow me to
distribute only the certificate?
Please Cc me on replies, I'm not subscribed to help-gnutls.
Many thanks,
--
Fabian Fagerholm <address@hidden>
signature.asc
Description: This is a digitally signed message part
- [Help-gnutls] Exporting a PKCS#12 structure without the private key,
Fabian Fagerholm <=