On 03/09/2015 18:16, Viktor Dukhovni wrote: > On Thu, Sep 03, 2015 at 04:06:06PM +0000, Viktor Dukhovni wrote: >> On Thu, Sep 03, 2015 at 08:21:25AM -0700, tmcclure0501 wrote: >> >>> We have an embedded MQTT framework that we want to configure for mutual >>> authentication. The framework is complaining that it needs a key format of >>> PKCS#1. We have p12 and pem formats of the key. Does openssl support >>> converting keys to the PKCS#1, if so what is the command? >> I've never heard of a PKCS#1 key format, I'm only aware of >> >> PKCS#8 - Private key >> PKCS#12 - Private key and related certificates >> >> Consult the documentation for the product, this is not an OpenSSL >> question until at least the desired key format is known. > Perhaps what you're looking for is the legacy RSA key format (PEM > or DER encoded). > > -----BEGIN RSA PRIVATE KEY----- > -----END RSA PRIVATE KEY----- > > The "openssl rsa" command (unlike the "pkey" command) outputs RSA > keys in either DER or PEM formats. > So to summarize: First use the command "openssl pkcs12" and a text editor to split the p12 file into individual certificate and encrypted private key files. Then use the "openssl rsa" command to convert the encrypted private key files from PKCS#8 format to "old-openssl/PKCS#1" format. Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com Transformervej 29, 2860 S?borg, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150903/0ef1de3b/attachment.html>
