OpenSSL: No certificate matches private key / chained certificate


I am getting this error while binding a chained certificate with a private key:

"No certificate matches private key"

The command I use is the following:

openssl pkcs12 -export -in chainedcertificate.pem -inkey private.pem -name MyCert -out chained.p12

Inside my chainedcertificate.pem are three blocks of BEGIN/END CERTIFICATE. CA, Intermediate and user certificate are in the file in reverse order (i.e. CA being last).

When I remove the two last blocks and leave only the user certificate, the chained.p12 is generated without any error.

Why would the insertion of the root certificate and intermediate compromise the creation with this kind of error message?

Best Answer

I think you need to provide the user cert first, drilling deeper until the CA is reached at the end of the file. At least I would try this. Maybe I misread your description of the actual order you selected.
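To check which block in the bundle actually pairs with the key, and where it sits in the file, the following added example (not part of the original question or answer) splits the bundle and compares public keys using `openssl`. The function names and the constructed throwaway sample certificates are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added diagnostic (not from the original post): find which certificate in a
# PEM bundle, if any, carries the public key of a given private key.

# Write each BEGIN/END CERTIFICATE block of bundle $1 to $2/cert-N.pem,
# numbered in file order. Text outside the blocks is ignored.
split_bundle() {
    awk -v dir="$2" '
        /-----BEGIN CERTIFICATE-----/ { n++; out = dir "/cert-" n ".pem" }
        out != ""                     { print > out }
        /-----END CERTIFICATE-----/   { close(out); out = "" }
    ' "$1"
}

# Print the 1-based position of the certificate in bundle $1 whose public key
# equals that of private key $2, or 0 if none matches. Subjects go to stderr.
matching_position() {
    local dir want have i=1 pos=0
    want=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 2
    dir=$(mktemp -d) || return 2
    split_bundle "$1" "$dir"
    while [ -f "$dir/cert-$i.pem" ]; do
        have=$(openssl x509 -in "$dir/cert-$i.pem" -noout -pubkey 2>/dev/null) || have=""
        openssl x509 -in "$dir/cert-$i.pem" -noout -subject >&2 || true
        if [ -n "$want" ] && [ "$have" = "$want" ] && [ "$pos" -eq 0 ]; then pos=$i; fi
        i=$((i + 1))
    done
    rm -rf "$dir"
    echo "$pos"
}

# Constructed sample: three throwaway self-signed certificates standing in for
# user, intermediate and CA (only the key comparison matters here).
make_sample() {
    local name
    for name in user intermediate ca; do
        openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=sample-$name" \
            -keyout "$1/$name.key" -out "$1/$name.pem" 2>/dev/null || return 1
    done
    cat "$1/user.pem" "$1/intermediate.pem" "$1/ca.pem" > "$1/chain.pem"
}

# Usage: script.sh chainedcertificate.pem private.pem
if [ "$#" -eq 2 ]; then matching_position "$1" "$2"; fi
```

A result of 0 means no block that parsed as a certificate carries the key's public half; the subjects printed to stderr show the order in which the blocks were read.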