将二进制私钥转换为pem格式 [英] Converting binary private key into pem format

问题描述

我正在尝试将证书导入到AWS中，问题是我的私钥不是pem格式.我宁愿不必创建新的证书，因为我已经拥有一个CA签名矿.我已经使用以下命令生成了密钥

I'm trying to import a certificate into AWS, the problem is my private key is not in pem format. I'd rather not have to create a new certificate as I've already had a CA sign mine. I've generated the key using this following command

keytool -genkey -alias info -keyalg RSA -keysize 2048 -keystore info

这给我留下了一个名为info的二进制格式的私钥.我相信我可以使用此命令将私钥转换为base64.

Which leaves me with a private key in binary format named info. I'm able to use this command to convert the private key into base64 I believe.

 openssl rsa -inform DER -outform PEM -in info -out info.pem

页眉和页脚缺失

-----BEGIN RSA PRIVATE KEY-----

-----END RSA PRIVATE KEY-----

我附在其适当的位置之后.现在，当我尝试上传证书时，它失败了，因为私钥不是pem格式.至于有关二进制到pem格式的其他问题，我已经尝试过此命令.

Which I append to their appropriate locations. Now when I'm attempt to upload my cert, it fails because the private key is not in pem format. AS per other questions regarding binary to pem format, I've tried this command.

openssl rsa -inform der -in info -outform pem -out info.pem

这将导致此错误无法加载私钥140594255303104:错误:0D07207B:asn1编码例程:ASN1_get_object:标头太长:../crypto/asn1/asn1_lib.c:101:"

which results in this error "unable to load Private Key 140594255303104:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:../crypto/asn1/asn1_lib.c:101:"

如何将从keytool生成的二进制密钥转换为pem格式?

How should go about converting a binary key generated from keytool into pem format?

推荐答案

我能够使用以下命令将其从jks转换为pem.

I was able to convert it from jks to pem using these following commands.

keytool -importkeystore -srckeystore info -destkeystore info.p12 -srcalias info -srcstoretype jks -deststoretype pkcs12
openssl pkcs12 -in info.p12 -out info.pem

这篇关于将二进制私钥转换为pem格式的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！