OpenSSL: PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: TRUSTED CERTIFICATE [closed]
Since you are on Windows, make sure that your certificate in Windows "compatible", most importantly that it doesn't have
^M
in the end of each lineIf you open it it will look like this:
-----BEGIN CERTIFICATE-----^MMIIDITCCAoqgAwIBAgIQL9+89q6RUm0PmqPfQDQ+mjANBgkqhkiG9w0BAQUFADBM^M
To solve "this" open it with
Write
or Notepad++ and have it convert it to Windows "style"Try to run
openssl x509 -text -inform DER -in server_cert.pem
and see what the output is, it is unlikely that a private/secret key would be untrusted, trust only is needed if you exported the key from a keystore, did you?
Another possible cause of this is trying to use the ;x509; module on something that is not X.509.
The server certificate is X.509 format, but the private key is RSA.
So:
openssl rsa -noout -text -in privkey.pemopenssl x509 -noout -text -in servercert.pem
My mistake was simply using the CSR file instead of the CERT file.