I have been successfully creating the mydomain.key, mydomain.crt, mydomain.csr and account.key files through ZerolSSL.com. However, when I was trying to combine the mydomain.key and mydomain.crt files to create the .pfx file for my IIS server, I got the error below. Does anyone know why this happened?
PS C:\OpenSSL-Win64\bin> openssl pkcs12 -export -out mycert.pfx -inkey mydomain.key -in mydomain.crt
No certificate matches private key
your key and your cert are not a public / private key pair. You use the wrong private key.
I used “openssl genrsa -out mydomain.key 2048” to generate mydomain.key.
If mydomain.key is not a private key, then which one is the private key? Is it the account.key?
It may be a private key, I don't know that. But the error says: You have selected the wrong private key.
Must be the key you have used to create the CSR.
PS: No, it's not the account key. These are different things.
mydomain.key is the key i used to create the csr.
le64 -key account.key -csr mydomain.csr -csr-key mydomain.key -crt mydomain.crt -domains “www.friendly.cool,friendly.cool” -path “C:\inetpub\henrywebroot\.well-known\acme-challenge” -generate-missing -live
I believe the answer I posted here might help: Why SSL verification of my domain name failed?
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.