Re: 0.29.0 - PKCS12 Certificates Only?

From: Ben Collins-Sussman <sussman_at_collab.net>
Date: 2003-09-08 22:48:58 CEST

Doug Dicks <dwd-l@revelanttech.com> writes:

> Was there a big security problem with PEM certs?

I'm sure there's no security issue; PEM and PCKS12 are the same data,
just formatted differently on disk.

The issue is that the latest neon library decided to drop support for
them, and therefore svn did as well.

I imagine PKCS12 is just easier to deal with, because it contains the
keyfile within it. It's also the "standard" format that most web
browsers use these days.

> I've been reading the various web pages returned by Google on pkcs12,
> but am still at a loss for what to do about it. I've tried several
> different ways to convert the PEM to PKCS12, but with no success.

Well, can you be more specific?

Converting a .pem file to a pkcs12 file should be a no-brainer. It's
just a matter of switching disk formats. I believe openssl has a tool
to do it. Try running 'man pkcs12', or 'openssl pkcs12 help'.

I'm guessing, but from reading the man page, you probably want to run
something like:

$ pks12 -export -out new.pkcs12 -in old.pem -inkey privatekeyfile

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Mon Sep 8 22:50:04 2003

This message: [ Message body ]
Next message: Mukund: "Re: 0.29.0 - PKCS12 Certificates Only?"
Previous message: Doug Dicks: "0.29.0 - PKCS12 Certificates Only?"
In reply to: Doug Dicks: "0.29.0 - PKCS12 Certificates Only?"
Next in thread: Mukund: "Re: 0.29.0 - PKCS12 Certificates Only?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]