Re: [DCP-o-matic] KDM snafu

Hi Jim, I'm afraid the keys for the root and intermediate certificates are discarded shortly after they are created. So I really can't think of a way round this other than getting a new KDM. Sometimes it's best to just send the leaf certificate to avoid these problems. Sorry about that, Carl On Mon, 18 Nov 2019, Jim Dummett wrote: > Hi all. > > A filmmaker has sent me a DKDM to decrypt their DCP. > > I sent them the certificate chain, and unfortunately they seem to have > targeted the KDM at the root cert rather than the leaf cert, so I can't > "unlock" the DCP in DCP-o-matic. > > This particular filmmaker is in a far far away land and has been hard to get > hold of, so I am worried I may not be able to get a new KDM issued in time for > the screening. > > Is there any way to switch around the certs in DCP-o-matic so the root cert is > used to decrypt? I can only see one private key in config.xml, which I assume > is for the leaf cert. However, I guess a private key must have been created > for the root cert too, in order to sign the intermediate cert. Does this > private key get saved anywhere? > > If anyone is able to help, would be hugely appreciated. > > Many thanks, > > Jim > >