将 PEM 传统私钥转换为 PKCS8 私钥 [英] Convert PEM traditional private key to PKCS8 private key
问题描述
我收到了一个 PEM 文件,其中包含一个证书和公钥/私钥.具体来说,它包括标题
I've been given a PEM file with a certificate and pub/private keys. Specifically it includes the headers
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
-----BEGIN RSA PUBLIC KEY-----
-----END RSA PUBLIC KEY-----
按照特定的顺序.
我的理解是在 BEGIN RSA PRIVATE KEY
标头之后没有标头,即该 pem 文件包含未加密的传统格式 (PKCS1) 的私钥.
My understanding is without a header following the BEGIN RSA PRIVATE KEY
header that this pem file contains a private key in the traditional format (PKCS1) without encryption.
我需要将此私钥转换为 DER 编码的 PKCS8 未加密格式,以便与 java 服务器代码一起使用,特别是 PKCS8EncodedKeySpec.我已经尝试过使用 rsa 和 pkcs8 命令的 OpenSSL,但没有运气.如果有更简单的东西,没有特别需要使用 openssl.
I need to convert this private key to a DER encoded PKCS8 unencrypted format for use with java server code, specifically PKCS8EncodedKeySpec. I've tried OpenSSL, both with rsa and pkcs8 commands, but with no luck. There's no specific need to use openssl if there is something easier.
特别是:
openssl rsa -in IServer_Key.orig.prikey.pem -out IServer_Key.pkcs8.pem
openssl rsa -in IServer_Key.orig.prikey.pem -out IServer_Key.pkcs8.pem -pubin openssl pkcs8 -in IServer_Key.orig.prikey.pem -out IServer_Key.pkcs8.pem -nocrypt
我也尝试过指定通知和输出但没有成功.
I've also tried specifying the inform and outform without success.
user@ubuntu:~/TestCerts$ openssl rsa -in IServer_Key.pem -out IServer_Key.pkcs8.pem -pubin
unable to load Public Key
5925:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:650:
Expecting: PUBLIC KEY
user@ubuntu:~/TestCerts$ openssl rsa -in IServer_Key.orig.prikey.pem -out IServer_Key.pkcs8.pem
unable to load Private Key
5993:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1316:
5993:error:0D06C03A:asn1 encoding routines:ASN1_D2I_EX_PRIMITIVE:nested asn1 error:tasn_dec.c:828:
5993:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error:tasn_dec.c:748:Field=n, Type=RSA
5993:error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib:d2i_pr.c:99:
5993:error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1 lib:pem_pkey.c:125:
user@ubuntu:~/TestCerts$ openssl pkcs8 -in IServer_Key.orig.prikey.pem -out IServer_Key.pkcs8.pem -nocrypt
Error decrypting key
6022:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:650:
Expecting: PRIVATE KEY
在这一点上,我们将非常感谢任何帮助.
Any help would be very much appreciated at this point.
推荐答案
尝试使用以下命令.我还没有尝试过,但我认为它应该有效.
Try using following command. I haven't tried it but I think it should work.
openssl pkcs8 -topk8 -inform PEM -outform DER -in filename -out filename -nocrypt
这篇关于将 PEM 传统私钥转换为 PKCS8 私钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!