ssl : Unable to load certificate

Question

I have 2 files - CSR.csr and newkey.key, both seem to be in PEM format as follows -

-----BEGIN CERTIFICATE REQUEST-----  MIID....  -----END CERTIFICATE REQUEST-----  -----BEGIN RSA PRIVATE KEY-----  MI...  -----END RSA PRIVATE KEY----- 

When I'm trying to read the CSR.csr file, I get the following error :

$ openssl x509 -in CSR.csr -text -noout unable to load certificate 140518720210760:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:698:Expecting: TRUSTED CERTIFICATE 

I read that we get this error when the input file is in DER format, so I tried the following -

$ openssl x509 -inform DER -in CSR.csr -text -noout 

but now I get the error -

unable to load certificate 140519053051720:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1320: 140519053051720:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:382:Type=X509 

And it seems this error occurs when the input file is already in PEM format and one tries to read it in DER format.

Really confused how to go about it as I'm new to SSL. Please help!

Answer 1

In my case I was trying to read my cer file and was receiving the error stated above

openssl x509 -in CSR.csr -text -noout unable to load certificate 140518720210760:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:698:Expecting: TRUSTED CERTIFICATE

I had to convert it to a crt file using openssl.

openssl x509 -inform DER -in <certname>.cer -out <certname>.crt openssl x509 -in <certname>.crt -text 

Here's the doc i used. I was able to read it using openssl after that