We created the certificate request and the private key with openssl as follows
req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout privateKey.key
We sent the CSR out and after verification, we got back the spc file. Now I want to sign my code with signtool. Apparently, I need to generate a pfx file combining the spc and the private key, so I invoke
pvk2pfx.exe -pvk file.pvk -spc file.spc -pfx cert.pfx
This program asks for a password, but we never set a password on the private key. We just pressed enter. If we try to press enter at the dialog, we get
ERROR: Password incorrect.
(Error Code = 0x80070056)
If we try any other text, we get
ERROR: Bad file format.
(Error Code = 0x8007000b)
I also tried using signtool and the wizard, which apparently accepts the spc and pvk separated. When I specify the private key (from disk, CSP: Microsoft strong cryptographic provider, provider type RSA Full) I get
The signing certificate and private key do not match
or do not contain valid information.
Any suggestion?