[thelist] SSL Certificate Question
Burhan Khalid
thelist at meidomus.com
Thu Mar 24 00:37:09 CST 2005
Hello Everyone:
We are purchasing a SSL certificate from Thawte for one of our
clients. The certificate will be used in two capacities ... one, to
secure the site and secondly to authenticate against a remote server
that is their payment gateway.
The problem is that the client's server is running Tomcat, and the
gateway is running IIS. We got the certificate in PKCS#7 format; and it
installed in Tomcat just fine.
When we sent the certificate to the gateway provider to install at
their location, they told us that the certificate is not compatible with
IIS, and we need a X.509 certificate.
Now Thawte is telling us that we need to purchase the certificate
again to get it in "DER encoded binary" format, which apparently is what
IIS understands. Is this a normal thing? We can't convert the certificate?
I'm a bit doubtfull of the Windows certificate conversion tool. I've
experimented with trial certificates from Thawte, and whenver I ask it
to convert a certificate to PKCS, it spits out some binary garbage, that
I can't import into Tomcat because it doesn't detect it as a valid X.509
certificate; the certificate that I get from Thawte in PKCS format is
plain text, and I just copy and paste it into a file, and it imports fine.
Any ideas? Do we need to purchase it again?
Regards,
Burhan
More information about the thelist
mailing list