• Forums
    • Public Forums
      • Community Connect
      • Dynatrace
        • Dynatrace Open Q&A
      • Application Monitoring & UEM
        • AppMon & UEM Open Q&A
      • Network Application Monitoring
        • NAM Open Q&A
  • Home /
  • Public Forums /
  • Network Application Monitoring /
  • NAM Open Q&A /
avatar image
Question by Matthew E. · Sep 10, 2014 at 08:56 PM ·

OpenSSL - private key convert from .bin to .pem

Hi,

I'm trying to use a private key that was exported from a Riverbed Steelhead as a password protected .bin file. (only option available)

When trying to decrypt using openssl to get it into .pem format, I'm receiving errors.

I'm having problems identifying what format the export from the Steelhead is in... .der, .pcks12,???

I can tell the file begins with the following header... (hope that helps identify the format)

------BEGIN ENCRYPTED PRIVATE KEY--------

-------END ENCRYPTED PRIVATE KEY----------

 

Does anyone know the openssl commands to find out what file format it is and ultimately how to decrypt and convert it to .pem so I can use the SSL decrypted decode on the AMD?

 

Thanks,

 

Matt

Comment

People who like this

0 Show 0
10 |2000000 characters needed characters left characters exceeded
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

1 Reply

  • Sort: 
  • Most voted
  • Newest
  • Oldest
avatar image

Answer by Matthew E. · Sep 11, 2014 at 09:42 PM

Continuing the thread here, I've done the following.

  1. Removed the cert from the file so it is just the key
  2. Ran command to convert to pem: openssl enc –in encryptedkey.bin –out key.pem -a
  3. Opened pem file and added begin and end tags
  4. Ran the last command to decrypt and got the following...


    [root@mydevice keys]# openssl pkcs12 -in encryptedkey.pem -out key.pem -nodes

8501:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1306:
8501:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:380:Type=PKCS12

Comment

People who like this

0 Show 1 · Share
10 |2000000 characters needed characters left characters exceeded
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

avatar image Erik S. · Sep 11, 2014 at 10:04 PM 0
Share

It looked like the key may have already been in .pem format and just using a different extension.  If that is the case, then pkcs12 is the wrong operation family, and you want to use rsa to simply decrypt the key.

the command for decrypting an encrypted .pem key is

openssl rsa -in encrypted_key_filename -out decrypted_key_filename

from article Extracting Web Server Private RSA Keys for Apache/OpenSSL Server

 

-- Erik

 

 

How to get started

First steps in the forum
Read Community User Guide
Best practices of using forum

NAM 2019 SP5 is available


Check the RHEL support added in the latest NAM service pack.

Learn more

LIVE WEBINAR

"Performance Clinic - Monitoring as a Self Service with Dynatrace"


JANUARY 15, 3:00 PM GMT / 10:00 AM ET

Register here

Follow this Question

Answers Answers and Comments

1 Person is following this question.

avatar image

Forum Tags

esm siebel Dynatrace Managed license nam probe wan citrix dna rest api configuration mq alerting NAM 2018 dashboard dcrumadvisory reports css nam universal decode database mobileapp RUM ads sap nam console scripting nam server sequence transactions nam 2019 upgrade
  • Forums
  • Public Forums
    • Community Connect
    • Dynatrace
      • Dynatrace Open Q&A
    • Application Monitoring & UEM
      • AppMon & UEM Open Q&A
    • Network Application Monitoring
      • NAM Open Q&A