pavels.r...@gmail.com
unread,Mar 28, 2016, 5:23:58 AM3/28/16You do not have permission to delete messages in this group
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to
Good morning!
i'm cant encrypt sting with real/production certificate.
But with TEST certificate all command encrypt and decrypt work.
openssl rsautl -encrypt -certin -inkey public.pem -in plain.txt -out crypted.txt -pubin
where:
public.pem - my TEST or PRODUCTION public key
plain.txt = file with test string
crypted.txt = file for encrypted string out
The key for PRODUCTION i'm get form .PFX/.p12 with command:
openssl pkcs12 -in certificate.p12 -out certificate.pem -nodes -clcerts
I get file with:
Bag Attributes
localKeyID: 29 08 ...
friendlyName: cp_exported
subject=....
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
Bag Attributes
localKeyID: 29 08 ...
friendlyName: cp_exported
Key Attributes
X509v3 Key Usage: 10
-----BEGIN PRIVATE KEY-----
....
-----END PRIVATE KEY-----
After i'm create public key, with there command:
openssl x509 -inform pem -in certificate.pem -noout -pubkey > certificate_public.pem
and get file with:
-----BEGIN PUBLIC KEY-----
...
-----END PUBLIC KEY-----
But if i make encrypt string:
openssl rsautl -encrypt -certin -inkey certificate_public.pem -in plain.txt -out crypted.txt -pubin
Get error:
Error getting RSA key
KEY3268:error:0607907F:digital envelope routines:EVP_PKEY_get1_RSA:expecting an rsa key:.\crypto\evp\p_lib.c:279:
Please i need help.
P.S. Test certificate generated with this:
openssl genrsa -out private.pem -aes256 2048
openssl rsa -in private.pem -pubout -out public.pem
Encrypt command:
openssl rsautl -encrypt -certin -inkey public.pem -in plain.txt -out crypted.txt -pubin
Decript command:
openssl rsautl -decrypt -inkey private.pem -in crypted.txt -out plain_fromEncrypt.txt
That work :(