OpenSSL and use with InfoPath 2003

Previous Topic Next Topic
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

OpenSSL and use with InfoPath 2003

Stuart Halliday
I've finally gotten OpenSSL to work on my Microsoft Windows LAN with
InfoPath 2003.

Here is the order of my use of OpenSSL to generate a .p12 cert for use in
Microsoft's InfoPath 2003 program.

I first created a Root Certification Authority Certificate on a Windows PC
using OpenSSL 0.98a which is our Server.

I then generate on this Server a Cert request for each user:
openssl req -new -keyout <person>_privatekey.pem -out <person>.csr -days 365

I then sign the request:
openssl ca -policy policy_anything -out <person>.cer -infiles <person>.csr

Infopath needs a cert with a private key so the .p12 format is required:
openssl x509 -in <person>.cer -out <person>_certx509.pem

openssl pkcs12 -export -in <person>_certx509.pem -inkey
<person>_privatekey.pem -out <person>.p12

Merge MyServer and <person> cer together into the one file.
openssl pkcs12 -export -in <person>.cer -out <person>.p12 -inkey
<person>_privatekey.pem -certfile MyServer_CA\MyServer.pem

I now place the <person>.p12 into their restricted read-only User directory.

They can then add it into MMC Certificates and it will put the MyServers
cert into the Trusted Root and the users Cert into the Personal section

I hope this is useful for other InfoPath Admins.

I've also made a .Bat file so its just a matter of typing in the passwords
and the users details.


Stuart Halliday
ECS Technology ltd
Registered in Scotland - #212513

OpenSSL Project                       
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]