[Freeipa-users] PEM and DER certificate formats
John Dennis
jdennis at redhat.com
Fri Jan 6 22:08:14 UTC 2012
On 01/06/2012 04:55 PM, Rob Crittenden wrote:
> The cli outputs a base64 blob of data.
Yes, it output a base64 blob to stdout. But that base64 blob is
completely non-standard as an exchange format, it's just a textual
encoding of the binary DER data.
However the cli can write PEM format to a file using the --out option.
PEM is standard and you should have no problems finding code that
accepts PEM. I would strongly suggest you stick to standard PEM and use
utilities to convert it to DER only if the software you're importing it
is borked and can't accept PEM.
> If you took that and ran it through a base64 decoder you'd have DER
> format. You can't get DER directly right now. We could probably add
> an option to write a file in DER format if you wanted to open an RFE
> on our trac instance.
--
John Dennis <jdennis at redhat.com>
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-users
mailing list