0

I am trying to create a .p12 file to establish a Two-Way SSL connection.

I have both privateKey.pem and cert.pem in the same folder and run in openssl:

openssl pkcs12 -export -in cert.pem -inkey "privateKey.pem" -certfile cert.pem -out myProject_keyAndCertBundle.p12

but getting the error "No certificate matches private key"

I am using OpenSSL Version 1.1.1q on a WIN64 machine

Eplenide
  • 9
  • 2
  • Fyi, the `cert.pem` should not need to be included in the `-certfile` list. It is already included by default when specified as the `-in` certificate PEM. At least that's always been the case for me. The *rest* of the cert issuance chain to a trusted root can (and should) be `-certfile` amended, but not the end-cert as you're showing. – WhozCraig Aug 09 '22 at 03:53
  • What matters is the contents of the file not its name. Does cert.pem actually contain one or more cert(s) in PEM format, or something else? If it does contain PEM cert(s), is it or one of them the correct cert? If it does contain the correct cert was this file created with a Windows program like notepad and is it UTF-16 or does it have a BOM at the beginning of the file with the desired cert first in the file? If either is true the file cert is NOT in PEM format and is not usable by OpenSSL. – dave_thompson_085 Aug 09 '22 at 06:07
  • I was naming the wrong file privateKey.pem this was an error on my part. RESOLVED – Eplenide Aug 09 '22 at 09:59

0 Answers0