[EMAIL PROTECTED] wrote:
>
> Actually, this doesn't work. This is a question I've been wanting an answer to for a
>while: Whenever you create a CSR w/ a tool like RSA's (or with a server like
>Netscape that uses RSA's code), the private key is generated as a DER encoded PKCS8
>file of 670 bytes (for a 1024 bit RSA key). But you can't ever seem to use this w/
>the OpenSSL code (at least as far as I've been able to learn).
>
> The code below might work (if it included the x509 option) for a cert, but never for
>a key. I've tried openssl pkcs8 ... and all its flavors but never found anything to
>work. Anyone got the solution?
>
Try this for an unencrypted PKCS#8 RSA key:
openssl pkcs8 -inform DER -nocrypt -in p8key.der -out key.pem
if this doesn't work and you can create a sample private key (nothing
important!) then please mail me a copy and I'll look into it.
Failing that try doing:
openssl asn1parse -inform DER -in p8key.der
and posting the result.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]