Reputation: 49
How to create a truststore from a public RSA key
I need to read an encrypted ID token in an OpenID Connect flow with a private and public key. Don't need a cert.
First I ran:
openssl req -new -newkey rsa:2048 -keyout key.pem -pubkey -out pubreq.pem -subj "/CN=MyKey"
Got the public and private keys.
Then I ran:
openssl pkcs12 -export -inkey key.pem -out encryptedprivatekeytest.p12 -nocerts
So far so good. The file encryptedprivatekeytest.p12 contains the private key. Now I just need to create a jks truststore file from the public key in pubreq.pem.
Literally no matter how hard I try to find out how to, I just can't.
Any takers?
Upvotes: 0
Views: 328
Answers (1)
Reputation: 496
You have actually created a certificate signing request with the above command.
To generate just a public-private key pair, you can use:
openssl genrsa -out private.key 2048
openssl rsa -in private.key -pubout -out public.key
However, a trust store contains certificates, not public keys.
Upvotes: 0
Related Questions
- Creating .p12 truststore with openssl
- How should I convert a PublicKey to a Certificate in Java
- java ssl connection using truststore
- How do I create truststore and keystore from the signed certificate?
- Creating a truststore in java
- How to create keystore and truststore using self-signed certificate?
- Creating a keystore from private key and a public key
- How to generate a Certificate Chain to be sent as an argument to KeyStore.PrivateKeyEntry?
- How do you create trust/keystores programatically?
- How to store Private Key and Public Key into KeyStore