Pocket PC 2003

Unfortunately, Pocket PC 2003 does not want support .p12 certificate files. It prefers a Microsoft proprietary format. Fortunately, somebody reverse-engineered this format, and wrote a conversion tool to convert openssl certificates to this format. Unfortunately, Microsoft does not provide a utility to import certificates, it only provides a utility to delete certificates^2.6. Fortunately, somebody wrote a tool to import those certificates into the handheld devices certificate store.

To create such a certificate, use these commands (the pvk utility can be found on http://www.jacco2.dds.nl/networking/crtimprt.html):

openssl crl2pkcs7 -certfile newcert.pem -certfile \

./demoCA/cacert.pem -nocrl -outform PEM -out usercrt.p7b

pvk -in newreq.pem -topvk -nocrypt -out userkey.pvk

Next, get the crtimport-utility from http://www.jacco2.dds.nl/networking/crtimprt.html, and copy the cert, the certimport-utilty and the crtimport.cfg-file to the handheld device (Store all these files in 'My Documents', otherwise the import will fail, unless you change crtimport.cfg). Run the crtimprt executable, it should tell you, that the certificates have been imported fine. Set up the VPN-Connection with the tool, Microsoft provides, and you're done.