tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "James H. H. Lampert" <>
Subject Re: Using a P7B certificate file
Date Tue, 10 Sep 2013 22:50:07 GMT
On 9/10/13 2:19 PM, Christopher Schultz wrote:
> "P7B" is otherwise known as a PKCS#7 file and usually contains a
> certificate. Does the file contain *only* a certificate, or does it
> also contain the key that was used to generate the CSR? If you have
> the cert but not the key, you won't be able to use it for serving HTTPS.
> Let's start with what you've actually got. You said you have a file.
> What's in the file?

Well, from what little I'd read, "A P7B file only contains certificates 
and chain certificates, not the private key." (from 

Is there a way it *can* contain the private key as well?

At any rate, it contains the typical unintelligible block of characters 
between "BEGIN PKCS7" and "END PKCS7" marks, 98 lines of 64 characters 
and a 99th line of 4 characters, approximately 6kb. I did a bit of 
futzing around with it, found I could use "keychain access" on my Mac to 
import it into an empty "keychain" file for inspection, and I found that 
it it appears to contain a root certificate, an intermediate 
certificate, and the signed SSL certificate. Looking at it with the 
corresponding utility on my WinDoze box gives the same result. Unless 
you know of something else that can inspect a P7B file, I'm guessing 
that it's just a reply to a CSR, waiting to be installed in the 
originating keystore.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message