The certificate contains the public key and other stuff--identifying
information--and the whole thing is digitally signed by the certificate
authority.

The OpenSSL utility can extract the certificate from the message.  Save the
message, including MIME headers, in a file 'message.txt' and do:
 openssl smime -in message.txt -pk7out | openssl pkcs7 -print_certs
>certout.pem

The certout.pem is the certificate in the form that OpenSSL likes to use,
"Base-64 encoded X.509 Certificates", preceded by the identifying
information in human-readable form.  If you're going to use it with my Perl
program, add a line at the end (after "-----END CERTIFICATE-----") with
"sendto=Dave <[log in to unmask]>" (or whoever the certificate is for).

E-mail programs such as Outlook can import and export in this format, too.

----- Original Message -----
From: "Dave" <[log in to unmask]>
To: <[log in to unmask]>
Sent: Tuesday, January 29, 2002 12:32 PM
Subject: [HP3000-L] Extracting a certificate


> I got a certificate and installed it in Outlook.  Then I signed a message
> and sent it to my Unix box.  I received the e-mail just fine. How do I
> extract the public key to store on my end?  Are the users certificate and
> users public key different things?
>
> * To join/leave the list, search archives, change list settings, *
> * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *