Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to fix ‘Certificate Import Error: The Private Key for this Client Certificate is missing or invalid' error in the import certificate file

Tags:

linux

ssl

I work on Ubuntu 19. I have a .crt and a key file. I want to test my web app on https localhost.

I wanted to add crt file to Chrome (settings > advanced > manage certificates -> import ). So I tried to import the .crt file but I got is this:

"Certificate Import Error : The Private Key for this Client Certificate is missing or invalid"

I googled it, but I found nothing helpful.

I have also built the .pfx file (from .crt and key files) and imported it on chrome but I have error: "Your connection is not private"

I have also tested it by Firefox and Opera and get the same error.

like image 256
pouriaZand Avatar asked May 02 '19 07:05

pouriaZand


People also ask

How do I import a private key to a certificate?

Assign the existing private key to a new certificateSelect Start, select Run, type mmc, and then select OK. On the File menu, select Add/Remove Snap-in. In the Add/Remove Snap-in dialog box, select Add. Select Certificates, and then select Add.

How do I import a private key in Chrome?

Open Google Chrome, then click 'Menu icon' > 'Settings'. Scroll down and click the Show Advanced Settings link. Scroll down again and click the Manage Certificates button under HTTPS/SSL. In the Certificates interface, make sure the 'Personal' tab is selected, click 'Import' and then click 'Next'.

How can I recover my private key certificate?

Here are the steps to do this by first opening MMC Certificates snap-in as follows: Win+R > mmc.exe > OK > File > Add/Remove Snap-in > Certificates > Add > Computer account > Next > Local computer > Finish > OK.


2 Answers

I had the same issue, you should be adding it to 'Authorities' tab in Chrome browser. Authorities tab is for Self-Signed certs, whereas 'Your Certificates' tab is for identity certs.

like image 104
Eshwar P Avatar answered Oct 13 '22 08:10

Eshwar P


For properly importing the .crt and the .key into the nssdb database for Chrome I suggest you convert the client certificate + the private key into a PKCS12 certificate, for example:

openssl pkcs12 -export -inkey ./sample.key -in ./sample.crt -out ./sample.p12

Give it any export password you want, but write it down, because you'll need it later when importing.

After this, you can import the file "sample.p12" in the Chrome browser, using the tab 'Your Cerificates'.

like image 28
plaurentiu Avatar answered Oct 13 '22 10:10

plaurentiu