PEM encoded RSA private key
From Just Solve the File Format Problem
(Difference between revisions)
(Created page with "{{FormatInfo |formattype=electronic |subcat=Security |extensions={{ext|key}}, {{ext|pem}} }} '''PEM encoded RSA private key''' is a format that stores a private key, for use w...") |
m (→Software) |
||
| (4 intermediate revisions by one user not shown) | |||
| Line 4: | Line 4: | ||
|extensions={{ext|key}}, {{ext|pem}} | |extensions={{ext|key}}, {{ext|pem}} | ||
}} | }} | ||
| − | '''PEM encoded RSA private key''' is a format that stores | + | '''PEM encoded RSA private key''' is a format that stores an [[RSA private key]], for use with cryptographic systems such as [[SSL]]. |
| − | A public key can be derived from the private key, and the public key may be associated with one or more [[ | + | A public key can be derived from the private key, and the public key may be associated with one or more [[PEM encoded certificate|certificate]] files. |
| − | See also [[PEM]] | + | == See also == |
| + | * [[DER encoded RSA private key]] | ||
| + | * [[PEM]] | ||
== Identification == | == Identification == | ||
| Line 19: | Line 21: | ||
To generate a new private key: | To generate a new private key: | ||
| − | openssl genrsa | + | openssl genrsa -out example.key 2048 |
To add a password to an existing private key: | To add a password to an existing private key: | ||
| − | openssl rsa -des3 -in unprotected.key | + | openssl rsa -des3 -in unprotected.key -out protected.key |
To remove a password from an existing private key: | To remove a password from an existing private key: | ||
| − | openssl rsa -in protected.key | + | openssl rsa -in protected.key -out unprotected.key |
== Software == | == Software == | ||
| − | * [ | + | * [[OpenSSL]] |
Latest revision as of 22:15, 2 February 2016
PEM encoded RSA private key is a format that stores an RSA private key, for use with cryptographic systems such as SSL.
A public key can be derived from the private key, and the public key may be associated with one or more certificate files.
Contents |
[edit] See also
[edit] Identification
A key file is plain text, with base64-encoded payload data. It contains a line that reads "-----BEGIN RSA PRIVATE KEY-----".
[edit] Examples
To view the contents of a key, using OpenSSL:
openssl rsa -noout -text -in example.key
(This mostly just prints out opaque numbers, but note that the modulus can be used to determine whether the key corresponds to a particular certificate.)
To generate a new private key:
openssl genrsa -out example.key 2048
To add a password to an existing private key:
openssl rsa -des3 -in unprotected.key -out protected.key
To remove a password from an existing private key:
openssl rsa -in protected.key -out unprotected.key
