[openssl-users] Converting a p12 or PEM formatted private key to a PKCS#1 format
Jakob Bohm
jb-openssl at wisemo.com
Thu Sep 3 16:23:59 UTC 2015
On 03/09/2015 18:16, Viktor Dukhovni wrote:
> On Thu, Sep 03, 2015 at 04:06:06PM +0000, Viktor Dukhovni wrote:
>> On Thu, Sep 03, 2015 at 08:21:25AM -0700, tmcclure0501 wrote:
>>
>>> We have an embedded MQTT framework that we want to configure for mutual
>>> authentication. The framework is complaining that it needs a key format of
>>> PKCS#1. We have p12 and pem formats of the key. Does openssl support
>>> converting keys to the PKCS#1, if so what is the command?
>> I've never heard of a PKCS#1 key format, I'm only aware of
>>
>> PKCS#8 - Private key
>> PKCS#12 - Private key and related certificates
>>
>> Consult the documentation for the product, this is not an OpenSSL
>> question until at least the desired key format is known.
> Perhaps what you're looking for is the legacy RSA key format (PEM
> or DER encoded).
>
> -----BEGIN RSA PRIVATE KEY-----
> -----END RSA PRIVATE KEY-----
>
> The "openssl rsa" command (unlike the "pkey" command) outputs RSA
> keys in either DER or PEM formats.
>
So to summarize:
First use the command "openssl pkcs12" and a text
editor to split the p12 file into individual
certificate and encrypted private key files.
Then use the "openssl rsa" command to convert the
encrypted private key files from PKCS#8 format to
"old-openssl/PKCS#1" format.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150903/0ef1de3b/attachment.html>
More information about the openssl-users
mailing list