OpenXPKI just loads the blobs into the database so zhe password is the
one you choose when creating your key, very likely the one you have
denoted in the secrets section (if not your key is not operational).
On 19.08.24 20:42, Andreas Piesk via OpenXPKI-users wrote:
Am 18.08.24 um 12:14 schrieb Alaa Hilal:
I have setup OpenXPKI and using it. All the functions that I use are
working fine. I have an issue is that I did not store the signing CA
key on my machine. However, it was imported into the system. the
settings in the realm's crypto.yaml look as below:
ca-signer:
inherit: default
key_store: DATAPOOL
key: "[% ALIAS %]"
secret: vault
How can I retrieve the key from the keystore?
you can get the encrypted key with
# openxpkicli get_data_pool_entry --arg namespace=sys.crypto.keys
--arg key=ca-signer-1
{
"encrypted" : 1,
"encryption_key" : "hc30eq5ENIXWelw7oRZ5l3u0ya0",
"key" : "ca-signer-1",
"mtime" : 1724090135,
"namespace" : "sys.crypto.keys",
"pki_realm" : "democa",
"value" : "-----BEGIN ENCRYPTED PRIVATE KEY-----\n
..
-----END ENCRYPTED PRIVATE KEY-----"
}
But I don't know how to decrypt the key.
Best,
-ap
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users
--
Protect your environment - close windows and adopt a penguin!
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users
