After our upgrade to 3.0 I noticed that our SMIME cert had expired and I renewed it. The OTRS instructions for this start with generating a signing request which isn't how these email certs are done by most authorities anymore. Now the authority has your browser generate a private key, request, and they sign it on the fly. So using it requires importing the private key into the OTRS system.
I can export the keypair as a .p12 and the cert/root cert as .crt files from the browser. The crt files import fine but the .p12 does not. What format does OTRS want the keys to be in or how do I go about manually installing the files?
[RESOLVED] SMIME issues
Moderator: crythias
[RESOLVED] SMIME issues
Last edited by shaitand on 01 Nov 2011, 19:44, edited 1 time in total.
Re: SMIME issues
This is the solution for anyone else who needs it. Takes mycert.p12 in and extracts userkey.pem and usercert.pem which can be imported through the GUI. Will ask for the phrase used when exporting and the phrase for the extracted private key.
Code: Select all
$ openssl pkcs12 -nocerts -in mycert.p12 -out userkey.pem
$ openssl pkcs12 -clcerts -nokeys -in mycert.p12 -out usercert.pem