Hi,
Refering to the "FairPlay Streaming Certificate Generation Guide"
On page 7, we have created newreq.inf file and generated certreq.csr
However, we didn't apply "certreq -accept newcert.pem"
Then, we continue to create FPS Certificate by uploading our certreq.csr.
We received the ASk and fairplay.cer
Will this be a problem?
Is there anyway we can amend the private key? Or do we need to resubmit FPS Deployment package to redo the process?
Thanks.
Hello Efendy Se,
You are fine.
The following step is to import your new FPS certificate into the machine where your private key is.
certreq -accept newcert.pem
Once you do that, then you can export a key pair and certificate as a PKCS#12 file as described in the FairPlay Streaming Certificate Generation Guide.
Where do I get newcert.pem ?
Is it converting fairplay.cer to pem format?
We are getting this error, when we run certreq -accept fairplay.cer :
"
A certificate issued by the certification authority cannot be installed. Contact your adminitrator.
A certificate chain could not be build to a trusted root authority. 0x800b010a (-2146762486 CERT_E_CHAINING)
Certificate Request Processor: A certificate chain could not be build to a trusted root authority. 0x800b010a (-2146762486 CERT_E_CHAINING)
"
Thanks.
If you can use OpenSSL, you can use the Windows equivilent of the following to convert your cert to a pem format that you can import.
openssl x509 -inform der -in fairplay.cer -out fairplay.pem
I also have the same issue as the original poster. I followed the steps for creating the CSR using Windows but those steps left out the private key creation to include in the CSR.
This command does not address the missing private key; openssl x509 -inform der -in fairplay.cer -out fairplay.pem
Is there a solution or do I need to start over?
Kirk
