Find the answer to your Linux question:
Results 1 to 4 of 4
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Newbie blnl's Avatar
    Join Date
    Jan 2009
    Location
    The Netherlands
    Posts
    200

    Question Getting right TLS certificates for Linux


    Can someone please help me transfer required EAP-TLS certificates from Windows 7 to Linux? (I'm using Fedora 21)
    I have already done this for my iPhone, but certificates that work in iPhone cannot be used in Linux.

    I'm facing two major issues:
    1. Fedora does not accept .pfx certificate
    2. Fedora asks for separate Private Key file


    So far the procedure to export the certificate for use in iPhone is following.
    • Start certmgr.msc
    • Right click certificate, chose Export
    • Select "Yes, export the private key"
    • The only available file format is .PFX

    After saving, this certificate it is good for use in iPhone, but not for Linux. First issue is that the certificate is .pfx, which is not accepted by Fedora. The second issue is that the Private Key is inside the certificate, while Fedora expects separate private key.

    I'm completely stuck here, any suggestions are welcome...
    Fedora25.GNOME@Dell_Latitude_E7440
    Fedora24.MATE@HP_Compaq_DC7100

  2. #2
    Trusted Penguin Irithori's Avatar
    Join Date
    May 2009
    Location
    Munich
    Posts
    4,029
    You must always face the curtain with a bow.

  3. #3
    Linux Newbie blnl's Avatar
    Join Date
    Jan 2009
    Location
    The Netherlands
    Posts
    200
    Thanks, this looks like a step in the right direction.
    I'll explore the possibilities and post the results in this thread. To be continued...
    Fedora25.GNOME@Dell_Latitude_E7440
    Fedora24.MATE@HP_Compaq_DC7100

  4. $spacer_open
    $spacer_close
  5. #4
    Linux Newbie blnl's Avatar
    Join Date
    Jan 2009
    Location
    The Netherlands
    Posts
    200
    Quote Originally Posted by blnl View Post
    Thanks, this looks like a step in the right direction.
    I'll explore the possibilities and post the results in this thread. To be continued...
    It was a success, I'm now able to connect to the network.
    So in my case the following two steps have generated the required certificate and key file.
    Code:
    openssl pkcs12 -in cert.pfx -nokeys -out cert.pem
    openssl pkcs12 -in cert.pfx -nocerts -out key.pem
    Last edited by blnl; 05-18-2015 at 11:29 AM.
    Fedora25.GNOME@Dell_Latitude_E7440
    Fedora24.MATE@HP_Compaq_DC7100

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •