Convert pfx formatted private key to pem format
Question
I have a private key (not very secret one) that is very likely in a pfx format. I need to convert it to a pem format, in order to use it in signatures.
The key is in a one line. It doesn't have separate begin and end rows. It's in one line, base64 encoded, 2284 letters long (longer than regular x.509 that I have seen before). I got it with some other variables as well including:
seed id compatibility
I was able to see how it is created. It is created by first creating a
java.security.cert.X509Certificate
Then this is exported to a PFX format through a function.
Inside that function I see Keystore instance "PKCS12" mentioned. Also ByteArrayOutputStream is seen.
Any idea how I could convert this one lined base64 encoded private key to a pem format? That format should be accepted by the node module xmlCrypto , which I'm using for the signing. Currently the xmlCrypto gives following warning with the key:
Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
1 answers
solution1
0 ACCPTED 2016-08-24 12:55:14
Was able to solve this. The problem was, that the file wasn't in a pure pfx format. But it was in a base64 encoded format. In order to convert it to pem format with the help of the openssl tool, one must first decode the file to its original .pfx format. And do not use online decoderers. With linux, you can decode it like this:
echo <the encoded pfx content> | base64 --decode > decoded-pfx-filename.pfx
After that, you can use openssl:
openssl pkcs12 -in decoded-pfx-filename.pfx -out cert-and-privkey-in-pem.pem -nodes
And then you're done
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.