Solved

Merging certificat with private key

Posted on 2011-02-18
5
1,654 Views
Last Modified: 2013-12-04
Hello,
I'll try to explain my problem clearly :)
i need a certificat with a private key inside.
All my certificate are issued by verisign,

I've got a private key in  a file "myprivatekey.pem"
I've got my certificate chain like that :

Verisign1 -> Verisign2 -> Mycert

theses certificat doesn't have any privatekey
I want to merge "Mycert.cer" and "myprivatekey.pem" to have a certificate with the private key.

I searched lot of stuff on internet and i tried many ways with openssl
like that :

verify my key:
openssl rsa -noout -text -in c:\ssl\myprivatekey.pem
--> OK !

i convert my cer files in pem files --> OK !

and when i tried to merge :

C:\OpenSSL-Win32\bin>openssl pkcs12 -export -inkey c:\ssl\myprivatekey.pem -i
n c:\ssl\mycert.pem -out pkcs12.p12 -name test
Loading 'screen' into random state - done
No certificate matches private key

i just can't understand ...

plz advice.


Bye
Mat
0
Comment
Question by:Mathias75000
  • 3
5 Comments
 
LVL 10

Accepted Solution

by:
abbright earned 250 total points
ID: 34928175
Does your private key belong to the public key which is part of Mycert? If not (which seems to be the case according to the error message of openssl you posted) then I guess what you want to have is not possible as the certificate Mycert is a combination of a public key which has been signed by Verisign and the cooresponding private key. Without the corresponding public key belonging to your private key you cannot import it / create a new certificate. You would rather have to create a new public / private key pair and have the public key in the corresponding certificate be signed by verisign.
0
 

Author Comment

by:Mathias75000
ID: 34941591
the private key come from the previous public cert "Mycert" finished in 2010 signed by verisign as well.
My new certificat "Mycert" is just the new one for 2011.
so it should be ok ?
0
 
LVL 18

Assisted Solution

by:decoleur
decoleur earned 250 total points
ID: 34947832
you don't need to include your private key with the cert.

If you encrypt a message with your verisign signed private key the recipient will upon initial communication go to verisign and pull down the public key and validate that you are who you said you were.

you do not distribute your private key.

hope this helps,

-t
0
 

Author Comment

by:Mathias75000
ID: 34949586
yep but i need a certificat with the private key to sign my rdp file, that's why...
but i think i'll just ask for a another pair, it'll be easier ;)
thanks for the help !
0
 

Author Closing Comment

by:Mathias75000
ID: 34949711
partially.
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Healthcare providers, insurance companies and other covered entities trust eFax Corporate to transmit their most sensitive documents. eFax Corporate can help your organization implement a HIPAA compliant cloud faxing solution.
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question