How can I create a PFX certificate signed by some CA from scratch?
I want to create a certificate for my domain locally and then sign it, for example with the getaCert.com service. But at the end I get an error.
Below are the steps:
-
Create config for OpenSSL openssl.cnf based on http://www.dylanbeattie.net/docs/openssl.conf
-
Generate my.key private key and my.csr certificate request
openssl req -new -nodes -keyout my.key -out my.csr -newkey rsa: 2048 -config openssl.cnf
-
Submit my.csr to http://www.getacert.com/signacert.html and download my.cer signed public certificate and getacert.cer CA certificate
-
Try to create a PFX
openssl pkcs12 -export -in my.cer -inkey my.key -out gd.p12 -certfile getacert.cer
Error: the certificate does not match the private key
Why? And what am I doing wrong?
Here is a similar question, but without a reasonable answer
using OpenSSL to create a .pfx file
Is it possible to convert an SSL certificate from a .key file to a .pfx?
source to share
No one has answered this question yet
See similar questions:
or similar: