OpenSSL convert PEM to PKCS12: no certificate matches private key 

Joined:
07/27/2010
Posts:
130

February 23, 2011 13:21:12    Last update: February 23, 2011 13:21:12
I tried to convert a private key from PEM to PKCS12 with OpenSSL and got this error:
C:\myworks>openssl pkcs12 -export -in openssl_ca3.pem -out openssl_ca3.p12
Enter pass phrase for openssl_ca3.key:
No certificate matches private key


The problem was that the -in parameter expects both private key and certificate in the same input file, i.e., openssl_ca3.pem in the above example. Appending the certificate file to the key fixed the problem:
C:\myworks>cat openssl_ca3.crt >>openssl_ca3.pem

C:\myworks>openssl pkcs12 -export -in openssl_ca3.pem  -out openssl_ca3.p12

Enter pass phrase for openssl_ca3.pem:
Enter Export Password:
Verifying - Enter Export Password:
Share |
| Comment  | Tags