I am Expecting : Trusted certificate while converting pem to crt.
I am trying to generate a private-public key pair and convert the public key into a certificate which can be added into my truststore. To generate private & public key: openssl rsa -in private.pem -outform PEM -pubout -out public_key.pem Now I am trying to convert this to a certificate: openssl x509 -outform der -in public_key.pem -out public.cer But I get an error: 7962:error:0906D06C:PEM routines:PEM_read_bio:no start line:/BuildRoot/Library/Caches/com.apple.xbs/Sources/OpenSSL098/OpenSSL098-64.30.2/src/crypto/pem/pem_lib.c:648:Expecting: TRUSTED CERTIFICATE All tutorials show that I have to convert pem to crt before adding to a truststore.
You cannot "convert" a public key to a certificate i.e expecting: trusted certificate is not feasible. A certificate includes the public key but it also includes more information like the subject, the issuer, when the certificate is valid etc. And a certificate is signed by the issuer. Thus what you would need instead is to create a certificate signing request (CSR) which includes the public key but also includes all the additional information. This CSR then needs to be signed by a certificate authority (CA) which then results in the certificate. For creating a simple self-signed certificate which is not trusted by any browser see How to create a self-signed certificate with openssl?.