brgs
Reputation: 806
How to verify passphrase of pem certificate
As the title says. I can verify passphrase easily with php's openssl_pkcs12_read for p12 certs, but it seems like there isn't similar function for pems. Maybe it's impossible to do this with pems?
Upvotes: 15
Views: 55604
Answers (3)
Chris Gallup
Reputation: 41
One can also test the pass phrase without passing their password by using:
openssl rsa -noout -in YOUR_PRIVATE_KEY_FILE.pem
If passphrase is entered correctly, then no return.
If passphrase is entered incorrectly, then will return error:
PKCS12 routines:PKCS12_pbe_crypt_ex:pkcs12 cipherfinal error:../crypto/pkcs12/p12_decr.c:86:maybe wrong password
Upvotes: 4
mivk
Reputation: 14824
Try this if you don't mind the password being on the command-line and in the shell history:
openssl rsa -noout -in YOUR_PRIVATE_KEY_FILE.pem -passin "pass:YOUR_PASSWORD"
or with the password in a file:
openssl rsa -noout -in YOUR_PRIVATE_KEY_FILE.pem -passin "file:/PATH/PASSWORD_FILE.TXT"
Or build around something like this:
if openssl rsa -noout -in "$KEYFILE" -passin "pass:$PASSWORD" 2>/dev/null; then
echo OK
else
echo "Wrong password"
fi
Upvotes: 20
Related Questions
- How to check a public RSA key file
- Enter PEM pass phrase when converting PKCS#12 certificate into PEM
- Java - how to unlock a passphrase-protected PEM private key
- How can I know if a .pem file contains public or private key?
- Add password to openssl .pem file from -password
- Ho to get key.pem from a couple of .cert files
- Extracting private key from .cer to .pem with openssl
- How to automate PEM pass phrase when generating OpenSSL cert?
- Verify a PEM certificate against an issued server
- How to verify key length of a PEM certificate using openSSL functions