>
> > Tomas Mraz, OpenSSL
> >
> > On Wed, 2022-10-05 at 15:00 +0900, Imazu Setsuo wrote:
> > > Hello.
> > >
> > > When I read the RSA private key file created with the ssh-keygen
> > > command that comes with Windows 10 with the PEM_read_Pr
05 at 15:00 +0900, Imazu Setsuo wrote:
Hello.
When I read the RSA private key file created with the ssh-keygen
command that comes with Windows 10 with the PEM_read_PrivateKey()
function, the following error occurred.
error: 0906D06C: lib(9): func(109): reason(108)
The platform is CentOS7, Op
SA private key file created with the ssh-keygen
> command that comes with Windows 10 with the PEM_read_PrivateKey()
> function, the following error occurred.
>
> error: 0906D06C: lib(9): func(109): reason(108)
>
> The platform is CentOS7, OpenSSL 3.0.5.
> Is the private k
Hello.
When I read the RSA private key file created with the ssh-keygen command that
comes with Windows 10 with the PEM_read_PrivateKey() function, the following
error occurred.
error: 0906D06C: lib(9): func(109): reason(108)
The platform is CentOS7, OpenSSL 3.0.5.
Is the private key file
On 08/21/2017 01:41 PM, Jeffrey Walton wrote:
openssl req -outform $format -config $cadir/openssl-root.cnf -set_serial
0x$(openssl rand -hex $sn)\
-inform $format -key private/ca.key.$format -subj "$DN"\
-new -x509 -days 7300 -sha256 -extensions v3_ca -out
certs/ca.cert.$format
u
> openssl req -outform $format -config $cadir/openssl-root.cnf -set_serial
> 0x$(openssl rand -hex $sn)\
> -inform $format -key private/ca.key.$format -subj "$DN"\
> -new -x509 -days 7300 -sha256 -extensions v3_ca -out
> certs/ca.cert.$format
>
> unable to load Private Key
> 14049243077
format=der
openssl pkey -inform $format -in private/ca.key.$format -text -noout
Private-Key: (256 bit)
priv:
48:b3:4e:c5:0a:0c:af:78:b9:a2:d4:b8:7e:18:78:
f2:39:9c:77:51:a3:1c:6f:df:31:20:e3:e4:9a:52:
3d:06
pub:
04:ce:ff:5d:d4:c7:b6:9c:c2:31:d9:38:fe:2b:9c:
70:3a:fd:22:6d:97:
Did you get solution? I am having same problem
--
View this message in context:
http://openssl.6102.n7.nabble.com/Application-simply-comes-out-in-the-function-PEM-write-RSAPrivateKey-The-private-key-file-is-simply--tp2033p49530.html
Sent from the OpenSSL - User mailing list archive at
On Fri, Oct 04, 2013 at 10:05:08PM -0400, Dave Thompson wrote:
> > 1) is this a reasonable thing to do?
>
> Yes.
Ok thanks. That's reassuring.
> You don't say why you chose to generate keys centrally. In case you didn't
> know, even with your own CA you *can* still use the conventional process
> From: owner-openssl-us...@openssl.org On Behalf Of Dave Mitchell
> Sent: Friday, October 04, 2013 17:59
> I'm writing an openssl-based app that uses client and sever certs,
> generated using a private root CA. Each client has its own cert and
> private key.
>
> For ease of deployment, I'm combi
I'm writing an openssl-based app that uses client and sever certs,
generated using a private root CA. Each client has its own cert and
private key.
For ease of deployment, I'm combining the private key and public cert
into a single file, i.e.:
$ cat client.key client.crt > client.privcrt
Th
-- Forwarded message --
From: Kamalraj Madhurakasan
Date: Thu, Jun 23, 2011 at 12:04 PM
Subject: Application simply comes out in the function
PEM_write_RSAPrivateKey.The private key file is simply 0KB.
To: openssl-users@openssl.org
Hi,
I am new to openssl and trying to create
Hi,
I am new to openssl and trying to create the Self-signed Certificate using
openssl in my application.
I downloaded openssl for windows (version OpenSSL 1.0.0d 8 Feb 2011) and got
libeay32.lib, ssleay32.lib, libeay32.dll and ssleay32.dll.
I linked my application with these libraries and kept
e function
"SSL_CTX_use_certificate_chain_file", but i'm getting an error from the
function "SSL_CTX_use_PrivateKey_file" while i'm trying to set the
private key (which is in PEM format). The error i received is /*unable
to set private key file: 'device_private
carock wrote:
Unfortunately, I'm dealing with an HP Proliant server. Specifically the iLO
interface which is a backend management device embeded in the server.
This device has it's own SSL cert from the factory. With the latest rounds
of updates from Firefox, that browser now complains "my cert
ivate one such as "serverfoo.local".
>
> Where are you getting the CSR from if you don't have a private key?
>
> Regards,
> Graham
> --
>
>
>
--
View this message in context:
http://www.nabble.com/self-signed-cert-without-private-
carock wrote:
Can the same process be duplicated without going commercial? I need a
certificate that doesn't use a FQDN for the common name and I haven't found
a commercial one that allows that.
Set up your own CA, and issue your own certificates to your own
requirements. The problem then boi
sn't work with Firefox, but it does
with I.E.
Ideas?
Thanks,
Chuck
You cannot self-sign a certificate without the private key file. The
private key file is the thing which allows the signature to be
created, the public key (in the certificate) is the thing which allows
the signat
You cannot self-sign a certificate without the private key file. The
private key file is the thing which allows the signature to be
created, the public key (in the certificate) is the thing which allows
the signature to be verified.
Commercial SSL certificates don't require *your* privat
I need to generate a self-signed certificate from a normal CSR file. I don't
have the private key that goes with the CSR though.
All of the examples for generating a self-signed cert have the private key
file listed in the command string. I tried running it without it and it
fails though.
About a year ago, I posted to this mailing list looking for
information debugging errors I had trying to make stunnel operate in
OpenSSL's FIPS mode. I was able to do this with the help with the aid
of Dr. Henson.
One of the suggestion he made to me was to convert my private keys
into PKCS#8 for
nd line tool> like this;> > $ openssl s_client -connect secure.incab.se/verify/server/click:443> -cert trusted.cer> > The error I receive is;> unable to load client certificate private key file> 9613:error:0906D06C:PEM routines:PEM_read_bio:no start> line:pem_lib.c:644:Exp
secure.incab.se/verify/server/click:443
-cert trusted.cer
The error I receive is;
unable to load client certificate private key file
9613:error:0906D06C:PEM routines:PEM_read_bio:no start
line:pem_lib.c:644:Expecting: ANY PRIVATE KEY
I have been unable to find information pertaining to this error message
ver/click:443
> -cert trusted.cer
>
> The error I receive is;
> unable to load client certificate private key file
> 9613:error:0906D06C:PEM routines:PEM_read_bio:no start
> line:pem_lib.c:644:Expecting: ANY PRIVATE KEY
>
> I have been unable to find information pertaining to
receive is;
> unable to load client certificate private key file
> 9613:error:0906D06C:PEM routines:PEM_read_bio:no start
> line:pem_lib.c:644:Expecting: ANY PRIVATE KEY
Add "-key" option.
Best regards,
--
Marek Marcola <[EMAIL PROTECTED]>
_
certificate private key file
9613:error:0906D06C:PEM routines:PEM_read_bio:no start
line:pem_lib.c:644:Expecting: ANY PRIVATE KEY
I have been unable to find information pertaining to this error message
on the OpenSSL site, and Google is somewhat unhelpful since I am running
linux and a lot of the URLs
On Thu, Jun 24, 2004, McCune, Michael wrote:
> Hi Andy,
>
> My prior post might help you (below). I basically decrypted the
> original key (using "openssl pkcs8") I had generated with OpenSSL (a RSA
> key), and at the same time, it was converted to a PKCS8 format.
>
> I stripped off the header
;
>
--
Tim
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Andrew B.
Michaelis
Sent: Thursday, June 24, 2004 12:19 PM
To: [EMAIL PROTECTED]
Subject: Question on Converting a private key file.
Greetings all,
I am new to this list. I am also new to
J7v0epQI5anF9QZsMd0PlTD8bTSv6IrudyWPgvJYZygAF11yQWcfJYSpBlAqweiS
...
What format is your private key file in?
Andrew B. Michaelis wrote:
Greetings all,
I am new to this list. I am also new to understanding a lot
of SSL encryction. What I am attemting to/need to do is to
take an existing private key created with the openSSL tool
and
ble to load the original private key file created
with openSSL. The keytool says it is not x509 format. Is
there a way using openssl, subcommands of x509 or other
to convert an existing key file from PEM or DER to x509
or PKCS#7 ( this format can be used by keytool as well )
Many thanks in advance for a
Hi Hu,
hu wrote:
> Hi, all
> I use a script to run openssl command 'openssl sime' for signing message.
> For example, running "openssl smime -sign -inkey PrivateKey.pem". Then
> command asks me input pass PEM password. How to avoid giving password
> in a interactive way, i.e. how to pass passwor
I have found the -passin option specifies the password for command.
Thanks!
Ji Hu
- Original Message -
From: "Baber Amin" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, June 09, 2002 8:52 PM
Subject: Re: how to access *private key file without inputing
ED] 06/09/02 12:15 PM >>>
I cant find the -noout option for command, such as "openssl smime -sign
-inkey PrivateKey.pem". How do you do it
- Original Message -
From: ***
To: [EMAIL PROTECTED]
Sent: Sunday, June 09, 2002 11:44 AM
Subject: Re: how to access priva
Hi, all
I use a script to run openssl command 'openssl sime' for signing message.
For example, running "openssl smime -sign -inkey PrivateKey.pem". Then
command asks me input pass PEM password. How to avoid giving password
in a interactive way, i.e. how to pass password to command when lunching th
I cant find the -noout option for
command, such as "openssl smime -sign -inkey PrivateKey.pem". How do you do
it
- Original Message -
From:
董大伟
To: [EMAIL PROTECTED]
Sent: Sunday, June 09, 2002 11:44
AM
Subject: Re: how to access private key
fi
I think you just specify -noout option to your
command
- Original Message -
From:
hu
To: [EMAIL PROTECTED]
Sent: Saturday, June 08, 2002 10:20 PM
Subject: how to access private key file
without inputing password interactively
Hi, all
I met a
Hi, all
I met a problem. I use a script to run openssl
command. When it need access a private key file, user must input password
for protection reason. But it is done by the interactive way. But I
hope script to run commands automaticly, without inputing password
interactively. How to do
Gary Chen wrote:
>Pls run the CA.pl in the path /usr/ssl/ because the path of the ca
>private key is the relative path of /usr/ssl.
>Or, u should modify the openssl.cnf file to change the private key
>path to the absoulte path.
This doesn't seem to be the problem. The path in open
Hi all!
MC> I've got a problem parsing the CA's private key file generated by the
MC> utility CA.pl. When CA.pl wants to read the private key of the CA
MC> (/demoCA/private/cakey.pem) and I enter the _correct_ PEM pass phrase I
MC> always get the following error:
#>&g
Hi all!
I've got a problem parsing the CA's private key file generated by the
utility CA.pl. When CA.pl wants to read the private key of the CA
(/demoCA/private/cakey.pem) and I enter the _correct_ PEM pass phrase I
always get the following error:
#> /usr/ssl/misc/CA.p
I have a question
regarding the private key file. I am working on writing a java program
that will extract the public and private key from a keystore file and then
overwrite the cert.pem and file.pem from another program that is using
OpenSSL. The cert.pem and file.pem are created use the
Scott Taggart wrote:
>
> Hi,
>
> I am using "req -new..." to generate a privkey.pem file. I see how I can
> get an encoded version of the private key file using the "rsa -in
> privkey.pem" command. What I need, however, is a "binary" form (bette
Hi,
I am using "req -new..." to generate a privkey.pem file. I see how I can
get an encoded version of the private key file using the "rsa -in
privkey.pem" command. What I need, however, is a "binary" form (better yet
a "C" format). I don't see
Hi All,
I don't know where to get the Certificate Key File from??? Actually I
have just created the CA and a Certificate with the help of Openssl CA.sh
script... Don't have any file for the private key.
Pls. throw some light!!!
Regards
Ravi
44 matches
Mail list logo
