We've created a CSR with Template "(No template) CNG key" and received our certificate from a valid CA.
However, it seems our product (VMWare Horizon) doesn't like CNG and we are trying to figure if we can convert the CSR and/or certificate to the legacy CryptoAPI.
I've found command such as:
openssl pkcs12 -in cert.crt -out cert.pem
But which result in this error:
140403888732064:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1343:
140403888732064:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:393:Type=PKCS12
So I guess the certificate I've received is already x509 and not pkcs12.
Is there a way to achieve what I'm trying to achieve without create a new CSR and requesting a new certificate to my CA?
