如何将私钥转换为 RSA 私钥? [英] How to convert a private key to an RSA private key?

问题描述

让我先解释一下我的问题.我从 CA 购买了证书，并使用以下格式生成 csr 和私钥:

Let me explain my question first. I bought a certificate from a CA and used the following format to generate the csr and the private key:

openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr

当我打开 server.key 文件时，我看到它以-----BEGIN PRIVATE KEY-----"开头

When I open the server.key file, I see that it begins with "-----BEGIN PRIVATE KEY-----"

我在我的服务器上使用 SSL 证书，一切看起来都很好.

I use the SSL cert on my server and everything looks fine.

现在我想将相同的证书上传到 AWS IAM，以便我可以通过 beanstalk 负载均衡器使用它.我使用这个 aws doc http://docs.aws.amazon.com/IAM/latest/UserGuide/InstallCert.html#SubmitCSRCertAuth

Now I want to upload the same cert to AWS IAM so that I can use it for by beanstalk load balancer. I use the following command from this aws doc http://docs.aws.amazon.com/IAM/latest/UserGuide/InstallCert.html#SubmitCSRCertAuth

iam-servercertupload -b public_key_certificate_file  -k privatekey.pem -s certificate_object_name

我根据需要更改了证书文件名，但一直收到此错误:400 MalformedCertificate Invalid Private Key."

I change the cert file names as required but keep getting this error: "400 MalformedCertificate Invalid Private Key."

有趣的是，在 aws doc 页面上，他们展示的示例私钥以-------Begin RSA Private Key--------"开头

The interesting thing is, on the aws doc page, the sample private key that they show starts with "-------Begin RSA Private Key--------"

有没有办法使用 openssl 将我的私钥转换为 RSA 私钥?

Is there a way to convert my private key to an RSA private key using openssl?

推荐答案

较新版本的 OpenSSL 说 BEGIN PRIVATE KEY 因为它们包含私钥 + 标识密钥类型的 OID(这是已知的作为 PKCS8 格式).要获取旧式密钥(称为 PKCS1 或传统 OpenSSL 格式)，您可以执行以下操作:

Newer versions of OpenSSL say BEGIN PRIVATE KEY because they contain the private key + an OID that identifies the key type (this is known as PKCS8 format). To get the old style key (known as either PKCS1 or traditional OpenSSL format) you can do this:

openssl rsa -in server.key -out server_new.key

或者，如果您有 PKCS1 密钥并想要 PKCS8:

Alternately, if you have a PKCS1 key and want PKCS8:

openssl pkcs8 -topk8 -nocrypt -in privkey.pem

这篇关于如何将私钥转换为 RSA 私钥?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！