Reputation: 161
Converting binary private key into pem format
I'm trying to import a certificate into AWS, the problem is my private key is not in pem format. I'd rather not have to create a new certificate as I've already had a CA sign mine. I've generated the key using this following command
keytool -genkey -alias info -keyalg RSA -keysize 2048 -keystore info
Which leaves me with a private key in binary format named info. I'm able to use this command to convert the private key into base64 I believe.
openssl rsa -inform DER -outform PEM -in info -out info.pem
The header and footer are missing
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
Which I append to their appropriate locations. Now when I'm attempt to upload my cert, it fails because the private key is not in pem format. AS per other questions regarding binary to pem format, I've tried this command.
openssl rsa -inform der -in info -outform pem -out info.pem
which results in this error "unable to load Private Key 140594255303104:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:../crypto/asn1/asn1_lib.c:101:"
How should go about converting a binary key generated from keytool into pem format?
Upvotes: 1
Views: 3654
Answers (1)
Reputation: 161
I was able to convert it from jks to pem using these following commands.
keytool -importkeystore -srckeystore info -destkeystore info.p12 -srcalias info -srcstoretype jks -deststoretype pkcs12
openssl pkcs12 -in info.p12 -out info.pem
Upvotes: 1
Related Questions
- Convert .pem to .crt and .key
- Convert PEM traditional private key to PKCS8 private key
- How to convert an ECDSA secp256k1 PEM formatted private key to binary?
- RSA key convert to PEM file
- Convert private key in PEM format
- How to Export certificate key to PEM format?
- How to convert an ECDSA key to PEM format
- Extracting private key from .cer to .pem with openssl
- convert .pem private key to .key format
- How can I convert a pem private key to a format for windows that can be used in .NET