How to fix ‘Certificate Import Error: The Private Key for this Client Certificate is missing or invalid' error in the import certificate file

Question

I work on Ubuntu 19. I have a .crt and a key file. I want to test my web app on https localhost.

I wanted to add crt file to Chrome (settings > advanced > manage certificates -> import ). So I tried to import the .crt file but I got is this:

"Certificate Import Error : The Private Key for this Client Certificate is missing or invalid"

I googled it, but I found nothing helpful.

I have also built the .pfx file (from .crt and key files) and imported it on chrome but I have error: "Your connection is not private"

I have also tested it by Firefox and Opera and get the same error.

Answer 1

I had the same issue, you should be adding it to 'Authorities' tab in Chrome browser. Authorities tab is for Self-Signed certs, whereas 'Your Certificates' tab is for identity certs.

Answer 2

For properly importing the .crt and the .key into the nssdb database for Chrome I suggest you convert the client certificate + the private key into a PKCS12 certificate, for example:

openssl pkcs12 -export -inkey ./sample.key -in ./sample.crt -out ./sample.p12

Give it any export password you want, but write it down, because you'll need it later when importing.

After this, you can import the file "sample.p12" in the Chrome browser, using the tab 'Your Cerificates'.