I have generated a private/public key pair using PuTTY. I have a private key file with the extension .pem and a public key file with the extension .pub.

Now I want to create a certificate from them and import it into the Windows "Trusted Root Certification Authorities" store. The reason is that I need to use the private key to connect to SFTP and I don't want to store the private key on disk.

I tried the OpenSSL command shown below, but it fails with the error "No certificate matches private key":

openssl pkcs12 -export -out MyCert.pfx -inkey private.pem -in public.key

How can I resolve that and get a certificate file containing those two keys inside it?

1 Answer

In general, SSH does not use certificates. It uses simple key pairs. There are some proprietary extensions of SSH that use certificates, most notably OpenSSH's.

PuTTY supports OpenSSH certificates in recent versions. SSH.NET does not support certificates at all. But note that OpenSSH certificates are special certificates. I believe they are not compatible with the Windows certificate store. And even if they were, I'm sure OpenSSH does not use the Windows certificate store anyway. So you would have to store the certificate in a file anyway.

If you want to avoid storing the key pair into a file, you can hard-code it into your C# binary.
For an example, see a Stack Overflow question about loading SSH private key from configuration string using SSH.NET.
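
As an added example (not part of the answer above and not SSH.NET's own sample code), this sketch shows SSH.NET authenticating to SFTP with a private key that is held only in a string and never written to disk. The environment variable name `SFTP_PRIVATE_KEY`, the host `sftp.example.com` and the user `sftpuser` are assumptions; a string constant compiled into the binary is loaded the same way.

```csharp
using System;
using System.IO;
using System.Text;
using Renci.SshNet;

class SftpKeyFromString
{
    static void Main()
    {
        // Assumption: the PEM/OpenSSH-format private key text is supplied in
        // the SFTP_PRIVATE_KEY environment variable (hypothetical name).
        string pem = Environment.GetEnvironmentVariable("SFTP_PRIVATE_KEY")
            ?? throw new InvalidOperationException("SFTP_PRIVATE_KEY is not set");

        // Single-line config values often carry a literal "\n"; restore real newlines.
        pem = pem.Replace("\\n", "\n");

        // PrivateKeyFile parses the key from any Stream, so no key file is needed.
        using var keyStream = new MemoryStream(Encoding.ASCII.GetBytes(pem));
        using var keyFile = new PrivateKeyFile(keyStream);

        // Hypothetical user and host; replace with the real SFTP endpoint.
        var auth = new PrivateKeyAuthenticationMethod("sftpuser", keyFile);
        var connection = new ConnectionInfo("sftp.example.com", 22, "sftpuser", auth);

        using var client = new SftpClient(connection);
        client.Connect();

        // List the login directory to confirm that key authentication worked.
        foreach (var entry in client.ListDirectory("."))
            Console.WriteLine(entry.FullName);

        client.Disconnect();
    }
}
```

SSH.NET reads OpenSSH and PEM private keys, so a key saved in PuTTY's own .ppk format has to be exported from PuTTYgen in OpenSSH format first.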
