I have a private key together with a certificate in a pem file. The part of the private key starts with:
-----BEGIN ENCRYPTED PRIVATE KEY-----
I have a passphrase for it.
I need to bring it back to the standard format:
-----BEGIN RSA PRIVATE KEY-----
I tried different commands:
Decrypt the key from original file:
openssl rsa -in cert+key.pem -out keydecry.pem
Copy only the Key part in an extra file pem file and run same command:
openssl rsa -in key.pem -out keydecry.pem
use the
pcks8
command:openssl pkcs8 -in key.pem -out keydecry.pem
I got always same error:
Enter pass phrase for key.pem:
unable to load Private Key
7308:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:.\crypto\asn1\tasn_dec.c:1198:
7308:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:.\
crypto\asn1\tasn_dec.c:372:Type=X509_ALGOR
7308:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 e
rror:.\crypto\asn1\tasn_dec.c:694:Field=pkeyalg, Type=PKCS8_PRIV_KEY_INFO
7308:error:2306A065:PKCS12 routines:PKCS12_item_decrypt_d2i:decode error:.\crypt
o\pkcs12\p12_decr.c:159:
7308:error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1 lib:.\crypto\pem\p
em_pkey.c:141:
I tested with Openssl 0.9 on linux and 1.0.1 on windows (both 32 bit and 64 bit). If I try the asn1parser
it works:
openssl asn1parse -in key.pem
0:d=0 hl=4 l=1233 cons: SEQUENCE
4:d=1 hl=2 l= 27 cons: SEQUENCE
6:d=2 hl=2 l= 9 prim: OBJECT :pbeWithMD5AndDES-CBC
17:d=2 hl=2 l= 14 cons: SEQUENCE
19:d=3 hl=2 l= 8 prim: OCTET STRING [HEX DUMP]:7BFD38372A5E0A60
29:d=3 hl=2 l= 2 prim: INTEGER :0800
33:d=1 hl=4 l=1200 prim: OCTET STRING [HEX DUMP]:36971F7945F8FE55C8F327
E849AB2B97957DF42D7C9691AB06DCE939BA37F64C09E5807D0BC22AE25E4D990D449B6967EDC35E......