On Tue, 2020-03-03 at 13:11 +0200, David Woodhouse wrote: > On Tue, 2020-03-03 at 09:02 +0100, Grant Williamson wrote: > > In our use case. We are provided a p12 file. > > We are testing om RHEL 8. > > Where improvement could take place, my thoughts. > > > > - instructions on how to extract the private key and the certs from > > the p12(see below) > > I'm definitely going for the "if it needs documenting, fix it first" > approach on that one. > > I don't want to tell users how to convert between different file > formats. I want software just to silently *accept* the sensible file > formats instead. > > So this really ends up being a feature request for James: the > create_tpm2_key tool ought to support importing keys from PKCS#12 > files. OK, this one looks like a fairly easy one: pkcs12 can have multiple certificates but only one key, so I just have to extract it. It's a der file, so it's fairly easy to distinguish from a PEM private key which is what we currently accept, so I think I can simply add it to the current options. I'll cook up a patch and send it to the list with you on the cc. James
Attachment:
signature.asc
Description: This is a digitally signed message part
_______________________________________________ openconnect-devel mailing list openconnect-devel@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/openconnect-devel
