Showing posts with label OpenSSL. Show all posts
Showing posts with label OpenSSL. Show all posts

Monday, May 2, 2016

How to extract Private key from keystore ?

There can be a situation where you want to extract private key from your keystore but it is not a straight forward as we think as It involves two steps i.e.
·         Extracting private key from keystore in PKCS#12 format
·         Converting it to .PEM file

Step1: Extracting in PKCS format
keytool -v -importkeystore -srckeystore KEYSTORE_NAME -srcalias CERTIFICATE_ALIAS -destkeystore FILE_NAME.p12 -deststoretype PKCS12
Eg: keytool -v -importkeystore -srckeystore keystore.jks -srcalias  application -destkeystore privatekey.p12 -deststoretype PKCS12

Note: If you don’t know the alias name of your certificate then you can display it:
keytool -list -v -keystore keystore.jks
Step2: Converting it into .PEM FILE
openssl pkcs12 -in privatekey.p12 -out private.pem

            

Wednesday, October 14, 2015

How to generate SSL Key, CSR and Self Signed Certificate using OpenSSL.

I have already discussed how to generate SSL certificate using keytool over here. In this article, I am going to explain how can you achieved the same thing using OpenSSL tool.
The three differnet files that I am going to generate i.e. :
  • waheedtechblog.key
  • waheedtechblog.csr
  • waheedtechblog.crt

Generate Private key : waheedtechblog.key

openssl genrsa -des3 -out waheedtechblog.key 1024



Generate a Certificate Signing Request (CSR)

Using above generated key file, We will now create the CSR file

openssl req -new -key waheedtechblog.key -out waheedtechblog.csr



Generate a Self-Signed SSL Certificate

openssl x509 -req -days 365 -in waheedtechblog.csr -signkey waheedtechblog.key -out waheedtechblog.crt



These file can be used to enable SSL in Apache Server.

Sometime, we need to remove passphrase to run key in Apache Server, if you get such issue while enabling SSL in Apache Server then run following command to remove passphrase :

openssl rsa -in waheedtechblog.key -out waheedtechblog_new.key



Your new file is key without encryption.


Thank you..!!!!




How TOPT Works: Generating OTPs Without Internet Connection

Introduction Have you ever wondered how authentication apps like RSA Authenticator generate One-Time Passwords (OTPs) without requiring an i...