Openssl error “No certificate matches private key” when creating .PFX
I got this error trying to generate a .pfx file from a newly received certificate. The error scared me a little cause I was absolutely sure I tried to match the correct private key with the certificate.
Where it went wrong in this case was the export of the .cer file. I received a .p7b file from Verisign which contains my certificate plus the Verisign Root and Sub certs. From the .p7b file I chose to export my certificate
Now when you chose to export to DER format you will get your No Certificate Matches Private Key error. You need to chose to export to BASE64 to get it to work.
Chosing the right format will solve this problem and you can bundle your private key and public key in a .pfx file. Alternatively you can use OpenSSL to convert your DER certificate to an x509 certificate with the following command
openssl x509 -inform der -in MYCERT.cer -out MYCERT.pem
Then you can use the .pem file to create the .pfx
openssl pkcs12 -export -in cert.cer -inkey privkey.pem -out mycert.pfx