xkcd

[Sir-Taco]

So I need to somehow use this key

-----BEGIN RSA PRIVATE KEY-----
Snipped private key data... you really shouldn't be sharing that sort of thing. If you really want this here, then PM me. - phlip
-----END RSA PRIVATE KEY-----

and turn it into a pkcs12 format cert that I can use in firefox...I've tried openssl with pkcs12 -export -inkey keyraw.key -out cert.p12 but it doesn't work, nor do any other combination, is there something I am missing? Do I need to grab the public key from the site as well? This is my first time working with keys of any sort so any help would be appreciated

[archeleus]

Can you tell us the error message?

Just a vague guess, but you could try

Code: Select all

openssl pkcs12 -export -in keyraw.key -out cert.p12 -nocert

Cheers.

[MissingDividends]

Can you tell us the error message?

While this would be useful, I'm not sure that I understand quite what you're trying to do. Could you explain why you're taking these steps?

Code: Select all

openssl pkcs12 -export -in keyraw.key -out cert.p12 -nocert

The '-nocerts' flag disables output of a certificate, so I don't think that's what's being looked for.

Also, the -in argument takes a certificate (in pem format), not a key.

I'm not sure where you got the key from or why you need to use a specific key, but usually the process is to use a command like this to generate a certificate and corresponding private key (to cert.pem and privkey.pem).

Code: Select all

openssl req -new -out cert.pem -x509

And then pass them to this command to create the p12 file:

Code: Select all

openssl pkcs12 -export -in cert.pem -inkey privkey.pem -out pkcs12file.p12 -name "certificate1"

The cert.pem file is needed because that's the file that contains the information used for the p12 file (country name, state, locale, organization, common name, and email).