Openssl Unable To Load Private Key Error
Contents |
here for a quick overview of the site Help Center unable to load private key openssl pkcs12 Detailed answers to any questions you might have Meta
Openssl Unable To Load Private Key Bad Decrypt
Discuss the workings and policies of this site About Us Learn more about Stack
Unable To Load Ca Private Key Openssl
Overflow the company Business Learn more about hiring developers or posting ads with us Stack Overflow Questions Jobs Documentation Tags Users Badges Ask Question
Pem Routines:pem_read_bio:no Start Line:pem_lib.c:701:expecting: Any Private Key
x Dismiss Join the Stack Overflow Community Stack Overflow is a community of 6.2 million programmers, just like you, helping each other. Join them; it only takes a minute: Sign up Can't get private key with openssl (no start line:pem_lib.c:703:Expecting: ANY PRIVATE KEY) up vote 6 down vote openssl: error:140b0009:ssl routines:ssl_ctx_use_privatekey_file:pem lib favorite I have a .key file, when I do openssl rsa -text -in file.key I get unable to load Private Key 140000419358368:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: ANY PRIVATE KEY Also I have a .cer file and when I do openssl x509 -text -in file.cer I get unable to load certificate 140387178489504:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: TRUSTED CERTIFICATE But if as pointed here I run the command like: openssl x509 -text -inform DER -in file.cer I get Certificate: Data: Version: 3 (0x2) Some more information ... -----BEGIN CERTIFICATE----- MIIEdDCCA1ygAwIBAgIUMjAwMDEwMDAwMDAxMDAwMDU4NjcwDQYJKoZIhvcNAQEF ... -----END CERTIFICATE----- But that doesn't seem to work with the key, because when I run openssl rsa -text -inform DER -in aaa010101aaa__csd_10.key I get unable to load Private Key 140004844304032:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1337: 140004844304032:error:0D06C03A:asn1 encoding routines:ASN1_D2I_EX_PRIMITIVE:nested asn1 error:tasn_dec.c:849: 140004844304032:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error:tasn_dec.c:769:Field=version, Type=RSA 140004844304032:error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib:rsa_ameth.c:115: 140004844304032:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1337: 140004844304032:error:0D06C03A:asn1 encoding routines:ASN1_D2I_EX_PRIMITIVE:
here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn more about Stack Overflow the company nodejs pem routines:pem_read_bio:no start line Business Learn more about hiring developers or posting ads with us Stack Overflow Questions Jobs unable to load client certificate private key file Documentation Tags Users Badges Ask Question x Dismiss Join the Stack Overflow Community Stack Overflow is a community of 6.2 million programmers, openssl unable to load public key just like you, helping each other. Join them; it only takes a minute: Sign up Unable to load Private Key up vote 3 down vote favorite I am new to SSL/OpenSSL and I'm working on Windows 7. http://stackoverflow.com/questions/31630544/cant-get-private-key-with-openssl-no-start-linepem-lib-c703expecting-any-p I'm trying to configure HTTPS for my ElasticBeanstalk environment following these instructions. I'm at Step 2 in "Create a Private Key". After I issue the command to generate the key pair: openssl genrsa 2048 > privatekey.pem I get: Generating RSA private key, 2048 bit long modulus ........................................+++ ...............................+++ unable to write 'random state' e is 65537 (0x10001) However, it does write a key to my directory. But after the second command: openssl req -new http://stackoverflow.com/questions/27584823/unable-to-load-private-key -key privatekey.pem -out csr.pem I get: unable to load Private Key 6312:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:647:Expecting: ANY PRIVATE KEY I've tried Googling this a bit, but none of the solutions I've found seem to be relevant for me. I checked the generated key and it looks like -----BEGIN RSA PRIVATE KEY----- {lots of characters} -----END RSA PRIVATE KEY----- What am I doing incorrectly? windows amazon-web-services openssl elastic-beanstalk share|improve this question edited Dec 21 '14 at 19:56 jww 35.7k21112225 asked Dec 20 '14 at 22:17 ethan123 387313 add a comment| 3 Answers 3 active oldest votes up vote 2 down vote unable to load Private Key 6312:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:647:Expecting: ANY PRIVATE KEY I ran your commands on OS X, and I could not reproduce the results. I did use the -config option because I have an "OpenSSL server config template" that makes it easy to generate CSRs and self signed certificates: $ mkdir test $ cd test $ openssl req -new -key privatekey.pem -out csr.pem -config example-com.conf The configuration file is named example-com.conf, and you can find it at How do I edit a self signed certificate created using openssl xampp?. Edit it to suit your taste (in particular, the DNS names). If interested, here's the OpenSSL man pages on the req sub-command. I checked the generated key and it looks lik
here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the http://stackoverflow.com/questions/22646533/unable-to-load-certificates-when-trying-to-generate-pfx-file workings and policies of this site About Us Learn more about Stack http://superuser.com/questions/738817/how-do-i-convert-a-certificate-to-a-private-key Overflow the company Business Learn more about hiring developers or posting ads with us Stack Overflow Questions Jobs Documentation Tags Users Badges Ask Question x Dismiss Join the Stack Overflow Community Stack Overflow is a community of 6.2 million programmers, just like you, helping each other. Join unable to them; it only takes a minute: Sign up Unable to load certificates when trying to generate pfx file up vote 5 down vote favorite I have been struggling for the last three hours trying to create an .pfx file using OpenSSL. I have been following this document and have been following the instructions under the Get a certificate using OpenSSL unable to load header. I am at the step here: openssl pkcs12 -export -out myserver.pfx -inkey myserver.key -in myserver.crt and am using the OpenSSL.exe console. I get the error: unable to load certificates I have also tried this: x509 -text -in myserver.key and received the error: 0906D06D06C:PEM_read_bio:no start line:.\crypto\pem\pem_lib.b.c:703:Expecting: TRUSTED CERTIFICATE I also get that error if I try myserver.crt. I seem to get it no matter what I do. Can someone please help? ssl openssl share|improve this question edited Mar 25 '14 at 21:45 asked Mar 25 '14 at 21:22 davy 2,04382746 add a comment| 3 Answers 3 active oldest votes up vote 7 down vote I get the error: unable to load certificates myserver.crt needs to be in PEM format. Does it have ----- BEGIN CERTIFICATE ----- and ----- END CERTIFICATE -----? myserver.crt should actually be a chain of certificates (and not just the one server certificate). The chain should include all intermediate certificates needed by the client to verify the chain. You send all the intermediate certificates to solve the "which directory" problem. The "which directory"
here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn more about Stack Overflow the company Business Learn more about hiring developers or posting ads with us Super User Questions Tags Users Badges Unanswered Ask Question _ Super User is a question and answer site for computer enthusiasts and power users. Join them; it only takes a minute: Sign up Here's how it works: Anybody can ask a question Anybody can answer The best answers are voted up and rise to the top How do I convert a certificate to a private key? up vote 5 down vote favorite I'm trying to setup certificates for a web server (Splunk, in particular), and don't think I have them in the right format. I need to provide the path to a private key file, and a CA certificate. Right now, I have both of those in PEM format (the contents of both files start with "----BEGIN CERTIFICATE-----"). But that doesn't seem to be working, and my best guess is that the private key file needs to be in a different format. Basically, I'd like to have it in a format such that the command openssl rsa -in MYFILE -check succeeds (right now, that fails with "unable to load Private Key"). I can, however, currently verify it with openssl x509 -in MYFILE -text -noout So how can I convert the file so that the first command succeeds on it? ssl openssl share|improve this question asked Apr 7 '14 at 17:51 gsteff 12813 add a comment| 2 Answers 2 active oldest votes up vote 13 down vote accepted A certificate has only the public key, not the private one. When they're in PEM format, sometimes both the private key and the certificate are in the same file. Look for a BEGIN PRIVATE KEY or BEGIN RSA PRIVATE KEY header. If you find one, just separate the two blobs using a regular text editor. But if you have only the certificate, then you absolutely cannot get a private key out of it. A certificate has only the public key, and the entire security of asymmetric cryptography depends on the impossibility of finding the private key given the public one. share|improve this answer answered Apr 7 '14 at 17:58 grawity 158k19296381 add a comment| up vote 1 down vote It sounds like you have both the private key and cert in .pem format (X509) and need to convert that private key to the rsa private key format (RSA) A method to do that has been provided here: http://stackoverflow.com/questions/17733536/how-do-i-convert-a-private-key-to-an-rsa-private-key share|improve this answer answered Apr 7 '14 at 20:36 Dan L 1015 1 The private key with a BEGIN PRIVATE KEY header i