How to add an existing key to the certutil key database

certificate ssl ssl-certificate nss

No, certutil doesn't have an option to add private keys. You need to use pk12util for that.

If your private key is in PKCS12 format, you can add it to the key/cert database with

pk12util -i keyfile.key -d/path/to/database -W password

If it's in PEM format, you'll need to convert it to PKCS12 first by

openssl pkcs12 -export -out server.pfx -inkey server.key -in server.crt -certfile CAcert.crt

then import server.pfx with pk12util as above.

Unfortunately certutil and pk12util often don't come with man pages, but certutil -H and pk12util -H provide some help. There are also some online docs and man pages.

Related

Why does a ZFS resilver scan the entire pool?
Automating WSUS via PowerShell
Why is routing neither CPU nor memory intensive? [closed]
Tinyproxy Refused CONNECT method
What happens if the DHCP server comes online after the client devices do?
How to run Gunicorn upstream with an Nginx SSL configuration?
How to permanently increase RabbitMQ file descriptors limit
Logwatch is not respecting MailFrom
How can I enable Ping on an Azure Linux VM
Adding more mirrored vdevs to a ZFS pool on Ubuntu
Shrink partition to exactly fit the underlying filesystem size
Hosting DKIM records on a separate nameservers