As we were trying to combine a private key with a certificate into a pkcs12 file, we got this OpenSSL error:
1 |
openssl pkcs12 -export -name "Domain" -out Domain.pfx -inkey private.key -in Domain.crt |
unable to load private key
11528:error:0909006C:PEM routines:get_name:no start line:crypto\pem\pem_lib.c:745:Expecting: ANY PRIVATE KEY
The file for the private key contained a private key, but OpenSSL could somehow not find it.
As it turns out, OpenSSL needs an UTF-8 encoded private key file, while we had one in UTF-8-BOM:
We can change the encoding in Notepad++ with the menu entry Encoding / Convert to UTF-8:
After this change of the encoding, we see UTF-8 in Notepad++:
We could now run the OpenSSL command again and it worked as expected. A better and more telling error message would be of great help. As it is, it takes a lot of time to find the source of the problem.