Project

General

Profile

Issue #3487

pkcs12 failed - No certificate matches private key

Added by Tom Hsiung about 2 months ago. Updated about 2 months ago.

Status:
Feedback
Priority:
Normal
Assignee:
-
Category:
-
Affected version:
5.8.4
Resolution:

Description

Hello,

Last week I tried to set up a new strongswan server on my Google Cloud VMs. But during the public key set up, I encountered a strange issue.

openssl pkcs12 -export -inkey /etc/ipsec.d/private/1/c.pem -in /etc/ipsec.d/certs/1/cpb.pem -name "client p12" -certfile /etc/ipsec.d/cacerts/1/cac.pem -caname “Strongswan” -out /etc/ipsec.d/certs/1/cpb.p12

I got this error

No certificate matches private key

I am pretty sure I had set up all public and private keys with the option of

--outform pem

Not only I tried new Ubuntu 20.04 TLS fresh new image, but also 18.04 TLS fresh image. Same issue.

Tom

History

#1 Updated by Tobias Brunner about 2 months ago

  • Status changed from New to Feedback

Without actual files we can only guess it's a user error (i.e. the private key simply does not match the certificate).

Also available in: Atom PDF