Fady AbuZuaiter
asked on
Generate Certificate for MAC
Hello,
I want to generate certificate for a MAC from AD CA Authority to use it in email encryption byt i need the certificate in pfx extension to be able to install it in My certificate at the keychain.
i have the private key, the csr and the certificate generated. how i can convert this certificate from cer extension to pfx.
Please help.
I want to generate certificate for a MAC from AD CA Authority to use it in email encryption byt i need the certificate in pfx extension to be able to install it in My certificate at the keychain.
i have the private key, the csr and the certificate generated. how i can convert this certificate from cer extension to pfx.
Please help.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi All,
This is correct . I want to convert the cer certificate generating by CA to pfx certificate.
This is correct . I want to convert the cer certificate generating by CA to pfx certificate.
How are you getting the cert, are you using GPO to autoenroll user/computers, then use mmc certificate to export the pfx?
Usually, a Windows CA issues the cert with private key, it San be imported using mmc certificate or used on the Mac......
Using efitor to separate the private key from the certificate.
Usually, a Windows CA issues the cert with private key, it San be imported using mmc certificate or used on the Mac......
Using efitor to separate the private key from the certificate.
ASKER
For windows it is auto enrollment but i need the correct way for mac
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The mac not a member system .
This certificate will use for smime
This certificate will use for smime
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks btan.
Question once i generate the certificate.CER i should run the openssl command or shall i modify the certificate first to convert it to pfx.
Question once i generate the certificate.CER i should run the openssl command or shall i modify the certificate first to convert it to pfx.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks but question the private key output will be in key extension and for the intermediate is this the certificate with chain ?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I'm getting this error "unable to load certificates".
PS. the intermediate Certificate or Chain CA coming with the extension p7b and my downloaded certificate from the CA coming with extension cer.
Regards,
PS. the intermediate Certificate or Chain CA coming with the extension p7b and my downloaded certificate from the CA coming with extension cer.
Regards,
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
once i run the command to convert p7b to her i got the below error
openssl pkcs7 -print_certs -in certnew.p7b -out certnew1.cer
unable to load PKCS7 object
140735177785424:error:0906 D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecti ng: PKCS7
openssl pkcs7 -print_certs -in certnew.p7b -out certnew1.cer
unable to load PKCS7 object
140735177785424:error:0906
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
As advised and guided in the solutions.
You need to convert from a .pfx file to a pEM format.
If the Mac has access to the certreq of the certificate issuing, you can use OpenSSL to generate the certificate request form, that you can then paste into the cert req form, the response will be tge certificate with the certificate chains.
Opened.org has example to convert a pfx to a pEM format.