[openssl-users] Need help encrypting my ca.key

Viktor Dukhovni openssl-users at dukhovni.org
Tue Jan 6 05:13:49 UTC 2015

On Mon, Jan 05, 2015 at 11:04:19PM -0600, jack seth wrote:

> Thanks for the response.  First I am running this on Windows 7.   Questions
> 1. How can I determine what key format my ca.key is in?

    openssl asn1parse -in ca.key (don't post the output).

    plus some knowledge of the various ASN.1 encodings (PKCS#8, ...).
    See the pkey(1) and rsa(1) manpages from OpenSSL 1.0.0 or later.

> 2. You say there are multiple key formats for the same key, but
> for my peace of mind I would like to get the same key format that
>  originally had.  How can I do this?

    Copy the original file. :-)

> > There are multiple possible key formats for the same key. Instead
> > compare the outputs of:
> > 
> >     $ umask 077
> >     $ openssl rsa -in ca.key -noout -text > txt1
> >     $ openssl rsa -in catest.key -noout -text > txt2
> >     $ diff txt1 txt2

This really is sufficient to do the comparison.  You can adapt to
Windows without too much effort.


More information about the openssl-users mailing list