Get private key from PEM

2
votes

PEM file content.I have the passphrase of PEM file as well.

*Bag Attributes
    localKeyID: 12 7B 3C 4C ... 
subject=/C..OTHER FIELDS
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
Bag Attributes
    localKeyID: 12 7B 3C 4C ..
Key Attributes: <No Attributes>
-----BEGIN ENCRYPTED PRIVATE KEY-----
...
-----END ENCRYPTED PRIVATE KEY-----*

I am able to extract certificate from PEM file with command.

openssl x509 -outform der -in client.pem -out your-cert.crt

But I am not able to extract private key.Tried below listed commands. OpenSSL hangs for both the commands. Am I missing something obvious here ?

openssl pkey -in client.pem -out key.pem

I need to extract client cert and key file to create SSLSocketFactory object in java.

1
javasslhttpsopensslpkcs#12
You should probably be using the openss pkcs12 ... command. Dave Thompson provides an awk command at What are bag attributes and how can i generate them?jww
openssl pkcs12 command works with .pfx file but the file given to me is in PEM format.blueSky
Stack Overflow is a site for programming and development questions. This question appears to be off-topic because it is not about programming or development. See What topics can I ask about here in the Help Center. Perhaps Super User or Unix & Linux Stack Exchange would be a better place to ask. Also see Where do I post questions about Dev Ops?jww
My bad; I thought you were trying to do this in C or Java. If you need help with unrelated commands, like openssl to convert a certificate, you should ask on another site in the stack exchange network.jww

1 Answers

2
votes

I assumed commandline will prompt for entering the passphrase but it needs to be provided argument
-passin file:passphrase.txt


openssl pkey -inform PEM -outform DER -in client.pem -passin file:passphrase.txt -out key.pem