This post will likely never help anyone. I needed to convert a certificate in pem format to pkcs12. It’s really easy, unless you get some a vague error.
openssl pkcs12 -export -out certificate.pfx -inkey certificate.key -in certificate.crt -certfile ca_certificate.crt
The certfile argument is likely optional, although you almost always get an intermediate certificate. You can probably also concatinate your certificate before hand, but I haven’t tried or read about it. The problem was that I went to do this very simple task and I was presented with an error.
“unable to load certificates”
I went to verify the certificate and key.
openssl x509 -noout -text -in certificate.crt
openssl rsa -noout -text -in certificate.key
The key check worked but the certificate check didn’t. The certificate check had the same error. I went to a new system and tried the same thing and it still didn’t work. I eventually got some debuging from openssl and it had something I could go on.
140480776103592:error:0906D066:PEM routines:PEM_read_bio:bad end line:pem_lib.c:802:
Bad end of line. I opened the certificate in vim and I looked. Fortunately for myself I have ocd and I noticed that the number of hyphens on the end of the last part of the file didn’t match the other three portions.
I added the remaining hyphen on the original system and the original command ran fine. I saw many people
this problem, but the threads all just ended abruptly. Perhaps this was the same problem and they had a bad copy and paste… My recommendation is to check your work with an md5sum.