Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Importing certificates using certutil
126 views
Skip to first unread message
hawkinsc...@googlemail.com
May 1, 2009, 3:25:57 AM5/1/09
to
I am having a problem importing a certificate. I am using the
following commands
/blah/certutil -D -n "s1as" -d .
/blah/certutil -A -n "s1as" -t "u,u,u" -d . -i /tmp/blah.cer
following commands
/blah/certutil -D -n "s1as" -d .
/blah/certutil -A -n "s1as" -t "u,u,u" -d . -i /tmp/blah.cer
The problem is that it will not import the certificate with the
trustargs u,u,u when I do a list of the database it shows empty
trustargs
s1as ,,,
where is should show trustargs
s1as u,u,u
Thanks Pete
Nelson B Bolyard
May 1, 2009, 1:34:17 PM5/1/09
to mozilla's crypto code discussion list
Pete, the "u" trust flags are purely dynamic. They cannot be set by a
command. They indicate that the key DB holds the private key corresponding
to the public key in the certificate. If the private key is present, the
"u" will show, and if it's not, the u will not show.
It sounds like you need to import both the certificate and the private key.
To do that, you should export the cert and private key into a PKCS#12 file
(e.g. .p12 or .pfx) and then import that using pk12util, rather than certutil.
0 new messages