On Tue, 3 Apr 2001, Andreas Schuldei wrote:

> I just downloaded the trial version of pgpnet.
> Has anyone beed successfull in setting this up to work with
> isakmpd and X509 certificates?
> I will spend some time (30 days?) to get this going, it would be
> great to get some head start, though.

You probably don't need to spend 30 days on this, since others have been
here before. PGPnet works fine with OpenBSD (you may need to tweak the
transform "group description" parameters since last time I looked the
autogenerated ones in isakmpd didn't match the defaults in PGPnet).

You need to create an RSA private key, generate a CSR, get it signed by
your CA, do the certpatch stuff and use OpenSSL to create a PKCS#12
package containing private key, cert and CA key. Give this a .p12
extension and you can import it straight into PGPkeys for use with PGPnet.

Hope this helps.

Adrian Close email: adrianesec.com.au
Network Architect phone: +61 3 8371 5300
eSec Limited fax: +61 3 8371 5399
PO Box 416, Flemington, VIC, Australia, 3031 web: http://www.esec.com.au

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]