• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1686
  • Last Modified:

Merging certificat with private key

I'll try to explain my problem clearly :)
i need a certificat with a private key inside.
All my certificate are issued by verisign,

I've got a private key in  a file "myprivatekey.pem"
I've got my certificate chain like that :

Verisign1 -> Verisign2 -> Mycert

theses certificat doesn't have any privatekey
I want to merge "Mycert.cer" and "myprivatekey.pem" to have a certificate with the private key.

I searched lot of stuff on internet and i tried many ways with openssl
like that :

verify my key:
openssl rsa -noout -text -in c:\ssl\myprivatekey.pem
--> OK !

i convert my cer files in pem files --> OK !

and when i tried to merge :

C:\OpenSSL-Win32\bin>openssl pkcs12 -export -inkey c:\ssl\myprivatekey.pem -i
n c:\ssl\mycert.pem -out pkcs12.p12 -name test
Loading 'screen' into random state - done
No certificate matches private key

i just can't understand ...

plz advice.

  • 3
2 Solutions
Does your private key belong to the public key which is part of Mycert? If not (which seems to be the case according to the error message of openssl you posted) then I guess what you want to have is not possible as the certificate Mycert is a combination of a public key which has been signed by Verisign and the cooresponding private key. Without the corresponding public key belonging to your private key you cannot import it / create a new certificate. You would rather have to create a new public / private key pair and have the public key in the corresponding certificate be signed by verisign.
Mathias75000Author Commented:
the private key come from the previous public cert "Mycert" finished in 2010 signed by verisign as well.
My new certificat "Mycert" is just the new one for 2011.
so it should be ok ?
you don't need to include your private key with the cert.

If you encrypt a message with your verisign signed private key the recipient will upon initial communication go to verisign and pull down the public key and validate that you are who you said you were.

you do not distribute your private key.

hope this helps,

Mathias75000Author Commented:
yep but i need a certificat with the private key to sign my rdp file, that's why...
but i think i'll just ask for a another pair, it'll be easier ;)
thanks for the help !
Mathias75000Author Commented:

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now