Convert a certificate to PFX (GoDaddy, unable to load private key)


Scenario

You’ve successfully received a SSL-certificate from GoDaddy or any other providers, and then tried to convert a crt/p7b certificate to PFX which has been required by Azure services (Application Gateway or App Service, for instance)

When you convert the cert by using the openssl you also get the following error:

unable to load private key
24952:error:0909006C:PEM routines:get_name:no start line:crypto\pem\pem_lib.c:745:Expecting: ANY PRIVATE KEY

Solution

You should check the .key file encoding.

Carry out the following steps: open the .key file with Visual Studio Code or Notepad++ and verify that the .key file has UTF-8 encoding. In my case, the file had UTF-8 with BOM encoding, so I saved the file with just UTF-8, and then tried the conversion again:

openssl pkcs12 -export -in cert.crt -inkey privatekey.key -out pfxname.pfx

In addition, make sure that .key file has a valid scheme:

-----BEGIN PRIVATE KEY-----
Cipher here
-----END PRIVATE KEY-----

Easy peasy, but troubleshooting could break you mind 🙂

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s