[SCM] GNU gnutls branch, master, updated. gnutls_2_9

gnutls-commit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[SCM] GNU gnutls branch, master, updated. gnutls_2_9_7-3-gd1b5f97

From:	Simon Josefsson
Subject:	[SCM] GNU gnutls branch, master, updated. gnutls_2_9_7-3-gd1b5f97
Date:	Wed, 14 Oct 2009 09:47:23 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=d1b5f97940fe09e3e2baf7da3b4968f7e53be034

The branch, master has been updated
       via  d1b5f97940fe09e3e2baf7da3b4968f7e53be034 (commit)
      from  6e7f7b9d7b9b26872ee071582dc51a5c57e63182 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit d1b5f97940fe09e3e2baf7da3b4968f7e53be034
Author: Simon Josefsson <address@hidden>
Date:   Wed Oct 14 11:47:19 2009 +0200

    Mention that sometimes CA certs needs to be included in PKCS#12 files.
    
    Reported by Ivars Suba <address@hidden>.

-----------------------------------------------------------------------

Summary of changes:
 doc/gnutls.texi |   13 ++++++++++++-
 1 files changed, 12 insertions(+), 1 deletions(-)

diff --git a/doc/gnutls.texi b/doc/gnutls.texi
index bc167a1..5f168c5 100644
--- a/doc/gnutls.texi
+++ b/doc/gnutls.texi
@@ -2914,6 +2914,17 @@ $ certtool --load-certificate cert.pem --load-privkey 
key.pem \
   --to-p12 --outder --outfile key.p12
 @end example
 
+Some tools (reportedly web browsers) have problems with that file
+because it does not contain the CA certificate for the certificate.
+To work around that problem in the tool, you can use the
address@hidden parameter as follows:
+
address@hidden
+$ certtool --load-ca-certificate ca.pem \
+  --load-certificate cert.pem --load-privkey key.pem \
+  --to-p12 --outder --outfile key.p12
address@hidden example
+
 @item
 Proxy certificate can be used to delegate your credential to a
 temporary, typically short-lived, certificate.  To create one from the
@@ -3362,7 +3373,7 @@ applications, you will need to convert them into a 
PKCS#12 structure.
 This also encrypts the security sensitive key with a password.
 
 @example
-certtool --to-p12 --load-privkey x509-client-key.pem --load-certificate 
x509-client.pem --outder --outfile x509-client.p12
+certtool --to-p12 --load-ca-certificate x509-ca.pem --load-privkey 
x509-client-key.pem --load-certificate x509-client.pem --outder --outfile 
x509-client.p12
 @end example
 
 For icing, we'll create a proxy certificate for the client too.


hooks/post-receive
-- 
GNU gnutls

[Prev in Thread]

Current Thread

[Next in Thread]

[SCM] GNU gnutls branch, master, updated. gnutls_2_9_7-3-gd1b5f97, Simon Josefsson <=

Prev by Date: [SCM] GNU gnutls branch, master, updated. gnutls_2_9_7-2-g6e7f7b9
Next by Date: [SCM] GNU gnutls branch, master, updated. gnutls_2_9_7-4-g9eba9e6
Previous by thread: [SCM] GNU gnutls branch, master, updated. gnutls_2_9_7-2-g6e7f7b9
Next by thread: [SCM] GNU gnutls branch, master, updated. gnutls_2_9_7-4-g9eba9e6
Index(es):
- Date
- Thread