Re: [openssl-users] Problem with DER private key file into openssl ca
On 08/21/2017 01:41 PM, Jeffrey Walton wrote: openssl req -outform $format -config $cadir/openssl-root.cnf -set_serial 0x$(openssl rand -hex $sn)\ -inform $format -key private/ca.key.$format -subj "$DN"\ -new -x509 -days 7300 -sha256 -extensions v3_ca -out certs/ca.cert.$format unable to load Private Key 140492430772088:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:707:Expecting: ANY PRIVATE KEY How do I tell it that the private key is DER? -inform is used to specify the encoding. You can find the man pages at https://www.openssl.org/docs/man1.0.2/apps/. You want the req.html. And the proper argument is: -keyform Thanks This is so much fun. Sigh. Bob -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Problem with DER private key file into openssl ca
> openssl req -outform $format -config $cadir/openssl-root.cnf -set_serial > 0x$(openssl rand -hex $sn)\ > -inform $format -key private/ca.key.$format -subj "$DN"\ > -new -x509 -days 7300 -sha256 -extensions v3_ca -out > certs/ca.cert.$format > > unable to load Private Key > 140492430772088:error:0906D06C:PEM routines:PEM_read_bio:no start > line:pem_lib.c:707:Expecting: ANY PRIVATE KEY > > How do I tell it that the private key is DER? -inform is used to specify the encoding. You can find the man pages at https://www.openssl.org/docs/man1.0.2/apps/. You want the req.html. Jeff -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Problem with DER private key file into openssl ca
format=der openssl pkey -inform $format -in private/ca.key.$format -text -noout Private-Key: (256 bit) priv: 48:b3:4e:c5:0a:0c:af:78:b9:a2:d4:b8:7e:18:78: f2:39:9c:77:51:a3:1c:6f:df:31:20:e3:e4:9a:52: 3d:06 pub: 04:ce:ff:5d:d4:c7:b6:9c:c2:31:d9:38:fe:2b:9c: 70:3a:fd:22:6d:97:d0:10:23:b3:57:6b:a9:51:e8: ce:db:16:0e:6e:8f:31:ca:6c:fe:09:69:25:be:2e: bf:fd:cc:ab:22:91:c8:db:f2:68:13:5a:57:03:5f: b2:ab:f6:ec:9d ASN1 OID: prime256v1 NIST CURVE: P-256 openssl req -outform $format -config $cadir/openssl-root.cnf -set_serial 0x$(openssl rand -hex $sn)\ -inform $format -key private/ca.key.$format -subj "$DN"\ -new -x509 -days 7300 -sha256 -extensions v3_ca -out certs/ca.cert.$format unable to load Private Key 140492430772088:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:707:Expecting: ANY PRIVATE KEY How do I tell it that the private key is DER? Bob -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users