forked from mami-project/KeyServer
-
Notifications
You must be signed in to change notification settings - Fork 0
OpenSSL Certificate Format
Javier Gusano Martinez edited this page Jul 1, 2016
·
4 revisions
Warning: During private key provision, the KeyServer don't check if the certificate private key file is on the right format. Please be sure you have exported this certificate correctly following this steps.
OpenSource KeyServer application uses PKCS8 key file format to load the private key. This is an example of private key exported on an external file on wrong format:
-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgQCkblMUCt4s42BVmvJCpq9HEi8Xzvq63E5jVjS5unNLeEQ9xmxp
[ ... ]
mEvrXa5jP2ZN1EC7MQJAYTfwPZ8/4x/USmA4vx9FKdADdDoZnA9ZSwezWaqa44My
bJ0SY/WmNU+Z4ldVIkcevwwwcxqLF399hjrXWhzlBQ==
-----END RSA PRIVATE KEY-----
Using OpenSSL you can export the previous RSA key to the correct format:
openssl pkcs8 -topk8 -inform PEM -outform DER -in INPUT.key -nocrypt > OUTPUT.key
Note: For security reasons, please remove this private keys files when the provision process finish correctly.
OpenSource KeyServer
Copyright © 2016. All rights reserved.
- KeyServer File Structure
-
Pre-Installation Process
- Oracle Java 8 (JRE)
- Redis database
- GNU Screen
- [[OpenSSL (optional)|OpenSSL-Install]]
- Installation Process
- Configuration
- How to use?
- OpenSSL Certificate Management
- Updates