VMware Workspace ONE Community
Seb1180
Enthusiast
Enthusiast
‎06-03-2013 02:31 AM
Jump to solution

Private key does not match cert.

Hi,

I just purchased certs from a major cert authority for my workspace poc but when trying to install them on the configurator in the SSL part I receive a "private key does not match cert".

I have received three files from digicert ( DigiCertCA.crt - TrustedRoot.crt and mysite.com.crt)

I have opened them with notepad and copied the whole content into one text file in the mysite - digicert - trusteroot order. Pasted this into the SSL cert part and copied the csr made for the request in the private key part but it fails with that error.

also tried to download the cert as a pem file but same error.

Would anyone know what I am doing wrong ?

Cheers

Seb

0 Kudos
1 Solution

Accepted Solutions
Seb1180
Enthusiast
Enthusiast
‎06-04-2013 08:27 AM
Jump to solution

Solved.

In fact I feel really stupid but who knows someone else might come across and scratch his head like I did so as usual better sharing in case it can profit and spare some time.

While reading here and there (I really feel like an idiot ...) I figured out I was entering my CSR instead of entering my private key. But then where is my private key ?

I have generated the cert with the tool from digicert. Filled in all the fields so I am ending up with my cert and my csr ... No private key :smileyconfused:

So to get the key a bit of googling as usual and figured it out.

Add to export the cert with the private key and using openssl managed to recover the key

Export the private key file from the pfx file

openssl pkcs12 -in filename.pfx -nocerts -out key.pem

Export the certificate file from the pfx file
openssl pkcs12 -in filename.pfx -clcerts -nokeys -out cert.pem

Remove the passphrase from the private key
openssl rsa -in key.pem -out server.pem

Chained up all three certs downloaded previously into one. Pasted this into the SSL part. Copied the server.pem content into the private key part and TaDaaa Smiley Happy Here comes the green box Smiley Happy

Cheers

Seb

View solution in original post

0 Kudos
1 Reply
Seb1180
Enthusiast
Enthusiast
‎06-04-2013 08:27 AM
Jump to solution

Solved.

In fact I feel really stupid but who knows someone else might come across and scratch his head like I did so as usual better sharing in case it can profit and spare some time.

While reading here and there (I really feel like an idiot ...) I figured out I was entering my CSR instead of entering my private key. But then where is my private key ?

I have generated the cert with the tool from digicert. Filled in all the fields so I am ending up with my cert and my csr ... No private key :smileyconfused:

So to get the key a bit of googling as usual and figured it out.

Add to export the cert with the private key and using openssl managed to recover the key

Export the private key file from the pfx file

openssl pkcs12 -in filename.pfx -nocerts -out key.pem

Export the certificate file from the pfx file
openssl pkcs12 -in filename.pfx -clcerts -nokeys -out cert.pem

Remove the passphrase from the private key
openssl rsa -in key.pem -out server.pem

Chained up all three certs downloaded previously into one. Pasted this into the SSL part. Copied the server.pem content into the private key part and TaDaaa Smiley Happy Here comes the green box Smiley Happy

Cheers

Seb

0 Kudos