views:

302

answers:

0

I've been offered some commands to create a .pfx file using OpenSSL. For the most part, my partner gathered this information from: http://stackoverflow.com/questions/553149/is-it-possible-to-convert-an-ssl-certificate-from-a-key-file-to-a-pfx

I have the following files:

  1. 2010certificate.cer
  2. 2010cert_and_key.pem
  3. private_verisign10to11.key

I have tried to generate with both:

openssl pkcs12 -export -out s2010-1.pfx -inkey private_verisign10to11.key -in 2010cert_and_key.pem -certfile 2010certificate.cer
and
openssl pkcs12 -export -out s2010-1.pfx -inkey private_verisign10to11.key -in 2010certificate.cer -certfile 2010cert_and_key.pem 

No errors are thrown in this situation, but when I try to view or import the generated file s2010-1.pfx, Protecle says it can't open it. Keytool says:

keytool -import -file s2010-1.pfx x -keystore cacerts -alias fqdn -storepass <.pfx's pass word>
keytool error: java.lang.Exception: Input not an X.509 certificate

I am assuming the problem is with the .pfx generation, but I don't really know how to test it until the keytool command. Any suggestions on what to do from here would be great.