I am trying to load an S/MIME signing certificate for a specific Outlook 365 user via PowerShell. The command I am supposed to use is:
Set-Mailbox <identity> -UserSMimeCertificate <MultiValuedProperty>
The problem is, I have the S/MIME certificate as a.pfx file. How do I convert the.pfx file to a <MultiValuedProperty>
?
A pfx file is a PKCS#12 file. userSMIMECertificate
is designed to hold a PKCS#7 signed message which contains the public certificate, but can also hold any intermediate certificates as well information about the client's cipher capabilities (therefore multi-valued).
Because the contents of userSMIMECertificate
is a signed message, the private key is required to sign.
Please see this question and its answers for details.
You can use openssl to create such a signed message. To create a signed message, include some additional certificates and read the private key from another file:
openssl smime -sign -in in.txt -text -out mail.msg -signer mycert.pem -inkey mykey.pem -certfile mycerts.pem
To convert pfx to pem:
openssl pkcs12 -in mykey.pfx -out mykey.pem
The Windows Certificate Manager (certmgr) may be able to perform the conversion as well if you import (check allow re-exporting private key), then export the private and the public key separately.
A PKCS#7 signed message may also be created using an email client. See above mentioned question and its answers for details.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.