"unable to load certificates" when using openssl to generate a PFX

The wrong, and right choice to make when exporting a certificate for use with openssl

If you've tried to follow the instructions in my Generating an SSL certificate with SANs via a Windows Certificate Authority post and have run a command to combine the certificate and private key:

openssl pkcs12 -export -out star_dot_robertwray_dot_local.pfx -inkey star_dot_robertwray_dot_local.key -in star_dot_robertwray_dot_local.cer

Getting the error unable to load certificates means that you've chosen the wrong option when doing a 'Copy to File...' or otherwise writing the certificate into the file. Take a look in the certificate file (notepad is a good choice) and if it's unintelligible noise then you've probably exported the certificate as DER encoded binary, rather than Base-64 encoded. Re-export the certificate and try again!

About Rob

I've been interested in computing since the day my Dad purchased his first business PC (an Amstrad PC 1640 for anyone interested) which introduced me to MS-DOS batch programming and BASIC.

My skillset has matured somewhat since then, which you'll probably see from the posts here. You can read a bit more about me on the about page of the site, or check out some of the other posts on my areas of interest.

No Comments

Add a Comment