2. Now convert the local .pfx file to a .pem file. This can be done with the OpenSSL utility using
the console command line:
> openssl pkcs12 -in gateway.pfx -out gateway.pem -nodes
In this command line example, the file exported from the CA server is assumed to be called
gateway.pfx and it is assumed to be in the same local directory as the OpenSSL executable.
The original gateway.pfx file contained 3 certificates: CA root certificate, a personal certificate
and a private key certificate. The gateway.pem file now contains these in format which can be
cut and pasted with a text editor.
Note
OpenSSL is being used here as a conversion utility and not in its normal role as a
communication utility.
3. Create two blank text files with a text editor, such as Windows Notepad. Give the files the
same filename but use the extension .cer for one and .key for the other. For example,
gateway.cer and gateway.key might be the names.
4. Start a text editor and open the downloaded .pem file and locate the line that begins:
-----BEGIN RSA PRIVATE KEY-----
5. Mark and copy into the system clipboard that line and everything under it, up to and including
the line:
-----END RSA PRIVATE KEY-----
6. Now paste the copied text into the .key file and save it.
7. Back in the .pem file, locate the line that begins:
-----BEGIN CERTIFICATE-----
and copy into the system clipboard that line and everything under it, up to and including:
-----END CERTIFICATE-----
8. Now paste this copied text into the .cer file and save it.
The saved .key and .cer files are now ready for upload into NetDefendOS.
3.8.3. CA Certificate Requests Chapter 3. Fundamentals
152
To Next Page
Loading...
