Am 18.08.24 um 12:14 schrieb Alaa Hilal:
I have setup OpenXPKI and using it. All the functions that I use are working
fine. I have an issue is that I did not store the signing CA key on my machine.
However, it was imported into the system. the settings in the realm's
crypto.yaml look as below:
ca-signer:
inherit: default
key_store: DATAPOOL
key: "[% ALIAS %]"
secret: vault
How can I retrieve the key from the keystore?
you can get the encrypted key with
# openxpkicli get_data_pool_entry --arg namespace=sys.crypto.keys --arg
key=ca-signer-1
{
"encrypted" : 1,
"encryption_key" : "hc30eq5ENIXWelw7oRZ5l3u0ya0",
"key" : "ca-signer-1",
"mtime" : 1724090135,
"namespace" : "sys.crypto.keys",
"pki_realm" : "democa",
"value" : "-----BEGIN ENCRYPTED PRIVATE KEY-----\n
..
-----END ENCRYPTED PRIVATE KEY-----"
}
But I don't know how to decrypt the key.
Best,
-ap
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users
