I have a website I want to use client authentication certificates with. This is just a personal website for myself and a handful of family/friends, so I created a CA to sign some certificates that I can distribute to them so they can sign on without a password.
The problem is, I created two client certificates in p12 format, but I can't load both into Chrome OR firefox. But I CAN load each individually, but I get 'unknown errors' when I try to load the second.
So if I load my cert first into chrome or firefox, it loads fine. Then If I add my wife's, I get an error. If I delete mine and add only my wife's cert, it adds fine. But then when I try to import my cert, it gives an error.
This is how I created everything.
#1 Make CA and Cert
openssl genrsa -aes256 -out projects_ca.key 4096
openssl req -new -x509 -days 365 -key projects_ca.key -out projects_ca.crt
#2 Make Server Key
openssl genrsa -aes256 -out projects_server.key 4096
openssl req -new -key projects_server.key -out projects_server.csr
#3 Self Sign Server Key
openssl x509 -req -days 365 -in projects_server.csr -CA projects_ca.crt -CAkey projects_ca.key -set_serial 001 -out projects_server.crt
#4 Make Client Key
openssl genrsa -aes256 -out husband_client.key 4096
openssl req -new -key husband_client.key -out husband_client.csr
#5 Sign Client Key
openssl x509 -req -days 365 -in husband_client.csr -CA projects_ca.crt -CAkey projects_ca.key -set_serial 001 -out husband_client.crt
#6 Converet Client Key to p12
openssl pkcs12 -export -out husband_client.p12 -inkey husband_client.key -in husband_client.crt -certfile projects_ca.crt
Then I repeat steps 4-5 for 'wife_client'.
But I can NOT import BOTH wife_client.p12 AND husband_client.p12 into Chrome.
Specifcally, in Chrome when I import the 2nd key. It asks for the p12 password, which I enter. But then it gives this error:
"Unknown Error"
In Firefox, I import the 2nd key, it also asks for the password which I enter, then I get this error:
"The PKCS #12 operation failed for unknown reasons."
Chrome is actually Chromium 53.0.2785.143
Firefox is 52.0.2 on Linux
How do I import two .p12 keys? They work individually, and I can sign into my website when I have just one installed. How can I get two installed?