Background
MS Outlook uses Digital IDs (sometimes called Digital Certificates)
to automatically unlock encrypted e-mails utilizing the
S/MIME format. For some products, such as Digital Indigo's
Indigo Form Mail (IFM) you need to find the public key from
a Digital ID.
PHP
programmers also need the public key from a Digital ID if
they plan to use the openssl_pkcs7_encrypt() function. Additional
information is included in the output for uses such as the
openssl_pkcs7_decrypt() command.
Getting
The Digital ID Into A File.
We will assume your existing Digital ID is already installed
in MS Outlook. In this case start Outlook and navigate as
follows:
Tools -> Options -> Security (Tab) -> Import/Export
Digital ID... (Button)
Next
click the radio button aside of "Export Your Digital
ID to a file..."
Use
the Select button to select your certificate.
Click
on the Browse button to choose where to save your Digital
ID. (For example you may wish to save it on the Desktop
as file digitalid.pfx.)
Choose
a password for your certificate.
Now
FTP the digitalid.pfx file to your Linux server. Be sure
you have OpenSSL installed.
Run
the following command to extract the components of your
Digital ID to an ASCII file:
openssl pkcs12 -in digitalid.pfx -out chain.txt
The
resulting file, chain.txt will contain a bundle of data
extracted from your Digital ID. This includes your private
key! BE CAREFUL!
You
can now look through chain.txt. You will see your private
key, the certificate for your public key, and some certificates
for your Digital ID provider.
Copy
everything from (and including) -----BEGIN CERTIFICATE-----
to ---END CERTIFICATE-----. This is the public key, and
what you use for IFM as well as the key variable on the
openssl_pkcs7_encrypt() function of PHP.
Related
Topics & Information |
|
None |
|
|
|
|