Understanding OpenSSL Steps for Converting .pem file to .pfx [closed]

StackOverflow https://stackoverflow.com/questions/23396326

Question

I am developing a plugin using Crossrider and needed a Code Signing Certificate as part of that process. In so doing I took the following actions

  1. Followed GoDaddy's instructions for generating a CSR as shown here

  2. Sent the CSR & private key to the client and asked them to purchase the CSC which they did

  3. Client sent me the .pem and .spc file from GoDaddy

  4. I used OpenSSL to convert the .pem file to a .pfx which Crossrider requires

    OpenSSL> pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.pem

  5. When OpenSSL requested that I "Enter Export Password" I used the same password as when generating the CSR.

  6. I uploaded the .pfx file to Crossrider and supplied the same password again

Crossrider is saying the file or password are not valid. Have I made any mistakes or missed something in the above steps?

UPDATE: 04/30 4:45 PST

The .pem file from GoDaddy already shows four -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- groups so it seems they did the chaining? I was able to import the .pfx file I generated into KeyChain Access on OSX and it shows up with our company name and as issued by GoDaddy with all of the details.

When I run openssl verify this is what I get...

OpenSSL> verify certificate.pem 
certificate.pem: /C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
error 18 at 0 depth lookup:self signed certificate
OK

I'm pretty lost so please offer any suggestions. I can post whatever info to help solve.

Was it helpful?

Solution

This was an issue with Crossrider not the OpenSSL generation of the .pfx file. I posted the issue to their support board last night and they responded that their dev team took a look and asked me to try again. I uploaded it and it worked.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top