Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to get RSA key from -----BEGIN CERTIFICATE----- from.crt and .pem file?

Tags:

key

ssl

pem

crt

I'm having .crt and .pem file with

-----BEGIN CERTIFICATE-----

MIIFSDCCBDCg........................................

-----END CERTIFICATE-----

and I want RSA key from this file.

anyone is having any idea that how we can do that.

I have used below command one by one

openssl rsa -in XXX.crt -out input1.der -outform DER
openssl rsa -in input1.der -inform DER -out key.pem -outform PEM

But, It gives error:

unable to load Private Key 140331982231200:error:0906D06C:PEM
routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: ANY PRIVATE KEY

and I have also used different command but it give above error.

like image 985
tushark Avatar asked Apr 13 '17 06:04

tushark


2 Answers

-----BEGIN CERTIFICATE-----

MIIFSDCCBDCg........................................

-----END CERTIFICATE-----

This is a certificate in pem format which is a wrapper over public key. A Certificate is supposed to be public and can be distributed, but private key (as the name suggest) is supposed to be kept secret. So a certificate can never contain a private key.

You mentioned, you have a ´.pem´ file too. What is it's content? Does it start with -----BEGIN RSA PRIVATE KEY-----. If yes, it would be your private key.

The command you are trying: openssl rsa It expects a private key in input, but you are supplying it a certificate. Hence the error.

like image 128
user3493833 Avatar answered Nov 07 '22 22:11

user3493833


You can't get a private key from a certificate, because the private key isn't in the certificate, and you can't get it from a PEM file unless the PEM file contains it, which ain't necessarily so,

like image 29
user207421 Avatar answered Nov 07 '22 22:11

user207421