The two files you need are a PEM encoded SSL certificate and private key. PEM encoded certs and keys are Base64 encoded text with start/end delimiters that look like —–BEGIN RSA PRIVATE KEY—– or similar. To create an SSL certificate you first need to generate a private key and a certificate signing request, or CSR … Read more
You aren’t clear which files you combined, but it should work to use openssl to combine the cert and private key to a PKCS#12: cat cert_public_key.pem cert_private_key.pem >combined.pem openssl pkcs12 -export -in combined.pem -out cert.p12 or on the fly but (update:) the privatekey must be first: cat cert_private_key.pem cert_public_key.pem | openssl pkcs12 -export -out cert.p12 … Read more
You don’t need to export existing parameters then re-import over top of them. That forces your machine to generate an RSA key then throw it away. So specifying a keysize to the constructor doesn’t matter (if you don’t use the key it won’t generate one… usually). The public key file is a DER encoded blob. … Read more
There’s an article on the Code Project that has all the code you need to do this. It’s just a couple of classes so it’s a light-weight solution. To get the bytes for either a certificate or a key from the PEM file the following method will work, regardless of the order of the key … Read more
You are probably using the wrong certificate file, what you need to do is generate a self signed certificate which can be done as follows openssl req -newkey rsa:2048 -new -nodes -keyout key.pem -out csr.pem openssl x509 -req -days 365 -in csr.pem -signkey key.pem -out server.crt then use the server.crt var options = { key: … Read more
Unfortunately, the code in the answer you referenced isn’t really correct – it exports a private key PEM format, but with only the public key fields correctly set, this is not the same as exporting an RSA public key in standard format. I actually wrote the code in the other answer to that question, and … Read more
Another perspective for doing it on Linux… here is how to do it so that the resulting single file contains the decrypted private key so that something like HAProxy can use it without prompting you for passphrase. openssl pkcs12 -in file.pfx -out file.pem -nodes Then you can configure HAProxy to use the file.pem file. This … Read more
You can do this conversion with the OpenSSL library. Windows binaries can be found here. Once you have the library installed, the command you need to issue is: openssl x509 -in mycert.crt -out mycert.pem -outform PEM
See https://polarssl.org/kb/cryptography/asn1-key-structures-in-der-and-pem (search the page for “BEGIN RSA PRIVATE KEY”) (archive link for posterity, just in case). BEGIN RSA PRIVATE KEY is PKCS#1 and is just an RSA key. It is essentially just the key object from PKCS#8, but without the version or algorithm identifier in front. BEGIN PRIVATE KEY is PKCS#8 and indicates that … Read more
Please note: The code below is for exporting a private key. If you are looking to export the public key, please refer to my answer given here. The PEM format is simply the ASN.1 DER encoding of the key (per PKCS#1) converted to Base64. Given the limited number of fields needed to represent the key, … Read more