Nelson,
thanks very much for the clear answer - I did not realize that the
Mozilla NSS does not support PKCS#8.
I also agree with you that PKCS#12 format is the right way to
import/export keys.
The problem is that a large number of OpenSSL based applications still
use separate files
for private key and public key cert. Actually, the problem is even
worse - some of the applications
use unencrypted private key or OpenSSL specific encrypted PEM file
(generated using 'openssl rsa' command).
Any way, thanks once again.
--
Subrata
Nelson Bolyard wrote:
> Subrata Mazumdar wrote, On 2008-09-26 07:19:
>
>> Hi,
>> I am having problem in reading PKCS#8 file generated by OpenSSL command
>> line tool ("opnessl pkcs8").
>>
>
> Officially, import and export of pkcs#8 files is not supported in NSS.
> You may or may not be able to get it to work, but because of the
> security concerns of PKCS#8 files, NSS does not support them.
>
> PKCS#12 is the supported way to import or export private keys and their
> related certificates. If you have a problem with PKCS#12, you can get
> support from the NSS team.
>
> PKCS#12 is the one universally implemented private key transport method.
> OpenSSL also supports PKCS#12, and so does Windows.
>
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
