Use OpenSSL to decrypt private key

Use OpenSSL to decrypt private key

openssl rsa -in *encrypted-key-file* -out *decrypted-key-file*

Example:

Encrypted private key file: /etc/ssl/private/sub.domain.tld_201908.enc.key 
New decrypted private key file: /etc/ssl/private/sub.domain.tld_201908.key 

root@eulinxhost119:/etc/ssl/private#
root@eulinxhost119:/etc/ssl/private# openssl rsa -in ./sub.domain.tld_201908.enc.key -out sub.domain.tld_201908.key
Enter pass phrase for ./sub.domain.tld_201908.enc.key:
writing RSA key
root@eulinxhost119:/etc/ssl/private#

root@eulinxhost119:/etc/ssl/private#

Opening the old encrypted private key: File starts with:
-----BEGIN ENCRYPTED PRIVATE KEY----- 

 Opening the new unencrypted private key: File starts with:
-----BEGIN RSA PRIVATE KEY-----

Use OpenSSL to verify the private key

openssl rsa -in certkey.key –check

Example:

root@eulinxhost119:/
root@eulinxhost119:/etc/ssl/private# openssl rsa -in sub.domain.tld_201908.key -check
RSA key ok
writing RSA key
-----BEGIN RSA PRIVATE KEY-----

[...]
-----END RSA PRIVATE KEY-----
root@eulinxhost119:/
root@eulinxhost119:/

OpenSSL documentation and examples

OpenSSL man-page: https://www.openssl.org/docs/manmaster/man1/openssl.html
OpenSSL examples: https://wiki.openssl.org/index.php/Command_Line_Utilities

No comments:

Post a Comment

Azure Managed Identities (technical service accounts)

Explaination Azure Managed Identities = technical service accounts Password is automatically managed, as it was the case in managed service ...