So I read that this command

openssl x509 -pubkey -outform der -in 1.crt > 1_pubkey.der

Should give me the public key in der format, but it says than the > is an unknown parameter.. Then I tried without > and with -out instead.. But it gave me something mixed of base64 and binary encoded.

How can I make sure this is only binary?

And I'm not sure how to get a private key in DER either.. Can anyone help me with the commands?

I have the following files:

.pfx .crt

1 Answer

Public Key

Use openssl x509 -pubkey to extract the public key (both the public key and certificate in PEM), then pipe that into openssl rsa -pubin -outform DER to convert the public key to DER. The -out <filename> option saves you having to redirect the output.

openssl x509 -pubkey -in 1.crt | openssl rsa -pubin -outform DER -out 1_pubkey.der

Private Key

Simply extract the private key from the .pfx first with openssl pkcs12 -in 1.pfx -nocerts and pipe that into openssl rsa -outform DER to convert it:

openssl pkcs12 -in 1.pfx -nocerts | openssl rsa -outform DER -out 1_privkey.der

The above will ask for the .pfx private key initially then ask you for a new pass phrase for the PEM (twice) before asking you again for the PEM pass phrase when it converts from PEM to DER.

3

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password Submit

Post as a guest

Post Your Answer Discard

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy