I just got 4 files from RapidSSL which I would like to use for IIS Express. To do this I need to create a PFX file.
I have CSR, KEY, CERTIFICATE, ROOT/CA. Here there are:
CSR => I saved it as CSR.csr
-----BEGIN CERTIFICATE REQUEST-----
... hidden :)
-----END CERTIFICATE REQUEST-----
KEY -> I saved is as key.pem
-----BEGIN RSA PRIVATE KEY-----
... hidden :)
-----END RSA PRIVATE KEY-----
Certificate -> I saved is as cert.cer
-----BEGIN CERTIFICATE-----
... hidden :)
-----END CERTIFICATE-----
Root/CA -> I saved is as CA.cer
-----BEGIN CERTIFICATE-----
... hidden :)
-----END CERTIFICATE-----
I tried this command:
openssl pkcs12 -inkey key.pem -in cert.crt -export -out cert_pfx.pfx
Loading 'screen' into random state - done No certificate matches private key
I have also tried this command:
openssl pkcs12 -export -out cert_pfx.pfx -inkey key.pem -in cert.crt -certfile CA.crt
The same error here. What am I doing wrong?
Take a look here: http://support.servertastic.com/convert-pem-to-pfx/
Make sure the Private Key does sign the actual certificate. If it is a RapidSSL it might be worth re-issuing the certificate again to make sure the certificate is correct. You can do this free of charge here: https://products.geotrust.com/orders/orderinformation/authentication.do