Unless otherwise noted, articles © 2005-2008 Doug Spencer, SecurityBulletins.com. Linking to articles is welcomed. Articles on this site are general information and are NOT GUARANTEED to work for your specific needs. I offer paid professional consulting services and will be happy to develop custom solutions for your specific needs. View the consulting page for more information.

Converting iPlanet Certificates to PEM

From SecurityBulletins.com

Revision as of 01:20, 11 December 2006 by Doug (Talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Written by Doug Spencer 12/10/2006

The following steps will convert a Netscape or iPlanet SSL certificate to the commonly used PEM format. The process shown first creates a copy of your existing certificates to avoid corrupting them, then converts the copied certificates to PEM format. The INSTANCE-HOST items should be replaced with the actual values for your implementation of iPlanet. The certificate will be in the file called "out.pem" after this process is completed.

This process should work with Fedora Directory Server, Netscape Directory Server, Sun ONE, iPlanet and other derivatives of the Netscape web server.

cd alias
mkdir new
cd new
cp ../https-INSTANCE-HOST-cert7.db cert7.db
cp ../https-INSTANCE-HOST-key3.db key3.db
cp ../secmod.db . 
pk12util -o out.txt -n Server-Cert -d . 
openssl pkcs12 -in out.txt -out out.pem

Personal tools