[openssl-users] pkcs12 is no encryption possible for certs?

Viktor Dukhovni openssl-users at dukhovni.org
Fri Feb 13 20:32:35 UTC 2015

On Fri, Feb 13, 2015 at 12:02:06PM -0800, Michael Sierchio wrote:

> Whenever I hear someone talking about encrypting a certificate, I
> conclude that they are horribly confused. A cert is signed, over the
> entire contents, so integrity is reducible to the cryptographic
> algorithms employed. A cert is not a secret, does not contain secrets,
> etc.

And yet, PKCS#12 objects are encrypted, and include certificates.


More information about the openssl-users mailing list