I have generated public key for RSA using SecKeyWrapper class provided by Apple. How can I create PEM file to save this key in that file? Do we have any library or framework for this?
Best regards
openssl rsa -in ~/.ssh/id_rsa -outform pem > id_rsa.pem
chmod 700 id_rsa.pem
Related
Currently, I am integrating docebo API with python rest client. While creating an oAuth2 application in docebo with JWT bearer grant permission they are asking to upload the public key.
I have generated public key using below command on mac
ssh-keygen -t rsa -b 4096 -C <user id>
As they have mentioned public key format should be
—–BEGIN PUBLIC KEY—–
MIGeMA0GCSqGSIb3DQEBAQUAA4GMADCBiAKBgGOrtjv/oPcaWIQL7h3DwvGbWFhH
fAIP02pPPw1Cp8h0SUkmGAWUGKCNH2WuIeNxPlRZKmW86aivknrRtEN3QW6eEsFZ
ZSIKVmUPekKrSpvYmYwkTCnwCb4gpDu1ZPEde8VXhQjLRl7ielUktzzbXW7v1HmI
fDASHvMvIl4kwGA/AgMBAAE=
—–END PUBLIC KEY—–
According to that, I have converted id_rsa.pub to publicKey.pem using below command
ssh-keygen -f ~/.ssh/id_rsa.pub -m 'PEM' -e > publicKey.pem
chmod 600 public.pem
Still, I am not able to upload the publicKey.pem on the oauth2 application. Error is Public key is invalid.
Any idea about this. Thanks!
This is a late answer. Hopefully it can help others.
We use open ssl (https://www.openssl.org/source/) solved this issue. Run the commands below and import rsa_public.pem into Docebo.
openssl genpkey -algorithm RSA -out rsa_private.pem -pkeyopt rsa_keygen_bits:2048
openssl rsa -in rsa_private.pem -pubout -out rsa_public.pem
I had export .cer file from keychain and using below command try to convert in .pem file but in resulted .pem file missing
-----BEGIN PRIVATE KEY-----
please any one can give another way to do that
command are like
openssl pkcs7 -text -in certfile.cer -print_certs -outform PEM -out certfile.pem
If anyone wants to use command which is recommended for creating pem file,
then here is solution on my gist.
openssl x509 -in aps_development.cer -inform der -out PushChatCert.pem
openssl pkcs12 -nocerts -in PushChatKey.p12 -out PushChatKey.pem
cat PushChatCert.pem PushChatKey.pem > ck.pem
First 3 commands will generate pem, but if you want to test then 4th and 5th command will be necessary.
If you got error that about unknown command 'telnet' then install telnet from brew.
Also, I have the same issue when I convert .p12 file into .pem file
when I open that .pem file in that missing ----BEGIN PRIVATE KEY-----
So after searching find out solution use this convert .p12 to .pem
openssl x509 -inform der -in certificate.cer -out certificate.pem
Look no further. This is all that it takes.
I have created public private key pair for SSL connection using terminal in mac. I have used following commands to create private key and extracting public key from it:
# Create public-private key pair
openssl genrsa -out mykey.cer 1024
# Extract public key
openssl rsa -in mykey.cer -out public.pem -outform PEM -pubout
Now to use public key in my iPhone app I need to convert it to der format. But when I try to convert it with following command I am getting an error:
openssl x509 -in public.pem -outform der -out cert.der
**unable to load certificate
27928:error:0906D06C:PEM routines:PEM_read_bio:no start line:/SourceCache/OpenSSL098/OpenSSL098-52.20.2/src/crypto/pem/pem_lib.c:648:Expecting: TRUSTED CERTIFICATE**
I am using this link to create a SSL connection with server.
I believe the command to convert a public key from PEM to DER format is
openssl rsa -pubin -in public.pem -outform der -out cert.der
(your choice of output filename cert.der is misleading. It's a public key, not a certificate, public.der would be better)
Trying to use google-compute-engine provider for jclouds there appears to be a problem when putting the pem extracted from the .p12 into the credential section of my jenkins config.xml
Followed these instruction https://github.com/jclouds/jclouds-labs-google/tree/master/google-compute-engine to extract the pem file from the p12
Error is see when trying to test connection:
Cannot connect to specified cloud, please check the identity and credentials: chars -----BEGIN RSA PRIVATE KEY----- HIDDEN -----END RSA PRIVATE KEY----- doesn't contain % line [-----END ]
If I remove the "-----BEGIN RSA", jclouds correctly tells me that % doesnt contain the line -----BEGIN
but it seems to be barfing on parsing the "-----END" part
I thought It might have to do with pasting the key into the Credential section of the configure jenkins U/I,
but I placed the key directly into the config.xml's section, and I'm getting the same error.
jenkins-1.583-1.1.noarch with Jclouds plugin 2.8
Any ideas?
-Aric
Convert the p12 file into pem format (it will ask for the keystore password, which is usually "notasecret"):
openssl pkcs12 -in my_keystore.p12 -out my_keystore.pem -nodes
Extract only the pk and remove passphrase
openssl rsa -in my_keystore.pem -out my_key.pem
Then you can use this key and problem will be solved.
The solution on my side is to use the Textarea. FYI: JENKINS-25283
and reason is losing the new line character. Hope this help you.
I was having a similar problem after reading the key from a user interface.
The fix for me was:
privatekey = privatekey.replace("\\\n", System.lineSeparator());
This ensures the key includes system specific line-break characters.
I have a certificate and private key that I want to put together, in code, into a PKCS12 file with the OpenSSL library (libcrypto). I know how to do this via the command-line tool:
$ openssl x509 -in developer_identity.cer -inform DER -out developer_identity.pem -outform PEM
$ openssl pkcs12 -nocerts -in mykey.p12 -out mykey.pem
$ openssl pkcs12 -export -inkey mykey.key -in developer_identity.pem -out iphone_dev.p12
But how can I do it in code?
If you are willing to use C code in your objective-C code and you have OpenSSL library for iOS then you can do it.
You can use PKCS12_create function to create a PKCS12 structure and write it to file using i2d_PKCS12_bio function.
PKCS12_create takes the certificate, private key, passphrase, chain of CA certificates and other parameter.
It is explained in a pretty well manner in documentation.
I hope this will help you to start coding.