Cannot create pfx file from cer file with openssl

1
votes

I'm sure that this has been asked you several times, but solutions to that cases didn't work for me. So I need your help.

Consider x.root.cer is CA's certificate, x.app.cer is Application's certificate signed by CA's certificate, and x.app.private.pem is Application's private key.

I'm using following command in order to create pfx file (want to include both private key and certificate of application).

openssl pkcs12 -export -in x.app.cer -inkey x.app.private.pem -out x.app.pfx -certfile x.root.cer

Even though I know (can see) that 3 files are there, I'm getting the following error:

unable to load certificates

Can you please help me about this error?

1
sslopensslcertificatepempfx
Stack Overflow is a site for programming and development questions. This question appears to be off-topic because it is not about programming or development. See What topics can I ask about here in the Help Center. Perhaps Super User or Unix & Linux Stack Exchange would be a better place to ask. Also see Where do I post questions about Dev Ops?.jww
Well @jww, I'm old enough in here to understand what should I have to post and what I shouldn't. There are tens of questions about openssl with unsuccessful execution of pkcs12, x509 etc. commands or having error messages like "unable to load certificates". And you found your whipping boy :). On the other hand, I believe openssl is used by developers also. So, I guess I posted this question with the right tags.rebulanyum
If you want help with commands, then you should go to the appropriate site. The OpenSSL tag suffers enough pollution, and we don't need more.jww

1 Answers

2
votes

Well, finally I suceeded with this command

openssl pkcs12 -export -in x.app.cer -inkey x.app.private.pem -out x.app.pfx

That means I shouldn't use -certfile parameter.