hi all, any people can i help-me ? im runing this comand:
openssl pkcs12 -export -in /usr/local/ca/userCerts/user-cert.pem -out /usr/local/ca/userCerts/user-cert.p12 -inkey /usr/local/ca/userCerts/user-key.pem -password pass:password -certfile /usr/local/ca/certs/00.pem -noiter -nomaciter
and get this error :
No certificate matches private key
whats wrong ?
Short: /usr/local/ca/userCerts/user-cert.pem is not the certificate for /usr/local/ca/userCerts/user-key.pem.
Long: here is the code from OpenSSL 0.9.7.
1. all certificates from infile will be loaded
2. all loaded certificates will be checked and if one is matching the key the keyidlen will be set
3. if keyidlen was never set then there is no matching cert
---------------------------------------------------------------------
/* Load in all certs in input file */
if(!(certs = load_certs(bio_err, infile, FORMAT_PEM, NULL, e,
"certificates"))) {
goto export_end;
}#ifdef CRYPTO_MDEBUG
CRYPTO_pop_info();
CRYPTO_push_info("reading certs from input 2");
#endiffor(i = 0; i < sk_X509_num(certs); i++) {
ucert = sk_X509_value(certs, i);
if(X509_check_private_key(ucert, key)) {
X509_digest(ucert, EVP_sha1(), keyid, &keyidlen);
break;
}
}
if(!keyidlen) {
ucert = NULL;
BIO_printf(bio_err, "No certificate matches private key\n");
goto export_end;
}
------------------------------------------------------------------
Greetings Michael -- ------------------------------------------------------------------- Michael Bell Email: [EMAIL PROTECTED] ZE Computer- und Medienservice Tel.: +49 (0)30-2093 2482 (Computing Centre) Fax: +49 (0)30-2093 2704 Humboldt-University of Berlin Unter den Linden 6 10099 Berlin Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
