My apologies: $ openssl rsa -pubin -in rsa.public -noout -text
-Kyle H On 5/3/07, Kyle Hamilton <[EMAIL PROTECTED]> wrote:
The CA doesn't generate the public key in your certificate. You generate it, and you send it to the CA to be bound to your identity -- the CA uses its private key to sign the certificate, and the verifier already has the CA's public key to verify with. Without the public key in your certificate matching the private key in your private key file, you cannot prove that you have the correct private key to the key in the certificate. What this means is that the public key output from your openssl rsa command is the same data that you would get if you extracted the public key from the certificate. You don't need to extract it from the certificate. Use: $ openssl rsa -in rsa.public -noout -text to verify that it is the same. -Kyle H On 5/3/07, Janet N <[EMAIL PROTECTED]> wrote: > Hi, > > I have a certificate in pem format issued to me by a CA, and a private key > which I generated. Since I need to do domain key signing (dkim), I was > asked to > use the followng openssl command to generate the public key: > > $ openssl rsa -in rsa.private -out rsa.public -pubout -outform PEM > > Since I've already gotten a public key from the CA is there anyway that I > can extract the > info in my public key to produce the same result as the above openssl > command? > > The following is what I need to get out from my public key (openssl x509 -in > public.key -nnout), for ex: > Modulus (1024 bit): > > 00:a0:f3:2a:3a:ac:38:6c:36:2c:14:7d:54:77:ec: > > 78:05:e1:b5:aa:a0:6d:77:35:df:57:2d:3f:99:d1: > > 52:f3:0a:45:89:64:e7:73:18:d4:27:9e:6e:ee:8e: > > 84:3c:81:bc:5e:0e:f2:28:f5:11:b9:23:77:99:b5: > > e0:70:0f:dd:4d:7f:a3:ff:13:d9:6f:25:00:cb:d9: > > 09:f3:e0:45:c7:fc:25:56:f4:37:84:7e:f6:35:50: > > 93:7d:91:ce:aa:e8:a9:18:10:f5:ac:b2:f5:6f:94: > > 33:a9:da:c9:5b:10:a6:42:26:d6:8f:bd:5b:86:08: > 0a:9f:6a:9b:3c:27:41:63:39 > Exponent: 65537 (0x10001) > > > Thanks any help is much appreciated. > > -- -Kyle H
-- -Kyle H ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]