PEM encoded RSA private key
From Just Solve the File Format Problem
(Difference between revisions)
(sample files) |
|||
(3 intermediate revisions by one user not shown) | |||
Line 4: | Line 4: | ||
|extensions={{ext|key}}, {{ext|pem}} | |extensions={{ext|key}}, {{ext|pem}} | ||
}} | }} | ||
− | '''PEM encoded RSA private key''' is a format that stores | + | '''PEM encoded RSA private key''' is a format that stores an [[RSA private key]], for use with cryptographic systems such as [[SSL]]. |
A public key can be derived from the private key, and the public key may be associated with one or more [[PEM encoded certificate|certificate]] files. | A public key can be derived from the private key, and the public key may be associated with one or more [[PEM encoded certificate|certificate]] files. | ||
Line 21: | Line 21: | ||
To generate a new private key: | To generate a new private key: | ||
− | openssl genrsa | + | openssl genrsa -out example.key 2048 |
To add a password to an existing private key: | To add a password to an existing private key: | ||
− | openssl rsa -des3 -in unprotected.key | + | openssl rsa -des3 -in unprotected.key -out protected.key |
To remove a password from an existing private key: | To remove a password from an existing private key: | ||
− | openssl rsa -in protected.key | + | openssl rsa -in protected.key -out unprotected.key |
== Software == | == Software == | ||
− | * [ | + | * [[OpenSSL]] |
+ | |||
+ | == Sample files == | ||
+ | * {{DexvertSamples|text/pemPrivateKey}} |
Latest revision as of 15:30, 30 July 2024
PEM encoded RSA private key is a format that stores an RSA private key, for use with cryptographic systems such as SSL.
A public key can be derived from the private key, and the public key may be associated with one or more certificate files.
Contents |
[edit] See also
[edit] Identification
A key file is plain text, with base64-encoded payload data. It contains a line that reads "-----BEGIN RSA PRIVATE KEY-----
".
[edit] Examples
To view the contents of a key, using OpenSSL:
openssl rsa -noout -text -in example.key
(This mostly just prints out opaque numbers, but note that the modulus can be used to determine whether the key corresponds to a particular certificate.)
To generate a new private key:
openssl genrsa -out example.key 2048
To add a password to an existing private key:
openssl rsa -des3 -in unprotected.key -out protected.key
To remove a password from an existing private key:
openssl rsa -in protected.key -out unprotected.key