Re: problem with "pem" file, no start line. centos.

[PejuangSufi]

I'm trying to use this program..what should i do..im stuck at the certificate
validation where i uses rsa key in pem

https://workspaces.codeproject.com/leon-finker/ssl-tls-client-server-for-net-and-ssl-tunnelling

Openssl for windows



--
View this message in context: 
http://openssl.6102.n7.nabble.com/problem-with-pem-file-no-start-line-centos-tp10791p51048.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

Re: problem with "pem" file, no start line. centos.

[David Schwartz]

On 11/18/2010 12:50 AM, Steve yongjin Shin wrote:


-BEGIN RSA PRIVATE KEY-
...omitted..
-END RSA PRIVATE KEY-
-BEGIN CERTIFICATE-
...omitted...
-END CERTIFICATE-
=
so I started my vnc reflect server
but, it shows error message
=
openssl_init: SSL_CTX_use_certificate_chain_file() failed.
ssl error: error:0906D06C:PEM routines:PEM_read_bio:no start line
=
my test.pem file itself definitely has a start line.
but, it shows that kind of error message.


The program wants a private key file, not an RSA private key file. You 
can convert one to the other with 'openssl pkey'.


openssl pkey -in my_rsa_private_key.pem -out my_private_key.pem

DS

__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

problem with "pem" file, no start line. centos.

[Steve yongjin Shin]

Hi all.

I have trouble with using certificates with openssl.

os : centos5.4
kernel : 2.6.27.29
openssl-ver : 0.9.8e-fips-rhel5

At first, I created "rsa private key" and let's suppose this is test.key.

with "test.key" I generated certificate request. and lets suppose this as 
test.csr

with "test.csr" I requested ssl certificate to "verisign.com"

and they gave me a certificates.

and I save it as "test.crt".


with this certificate, I try to run vnc reflect server.
my system requires "pem" file which includes rsa private key.
in here, I use openssl.

so, I concatenated test.key and test.crt as "test.pem"

when I verify test.pem with openssl,
(openssl verify test.pem), it says OK.

when I print out the contains,
(openssl x509 -in test.pem -text)
it shows

==

Certificate:
    Data:
    Version: 3 (0x2)
    Serial Number:
    16:81:64:a4:28:ca:12:df:ab:12:f1:9f:b1:b9:35:54
    Signature Algorithm: sha1WithRSAEncryption
    Issuer: C=US, O=VeriSign, Inc., OU=For Test Purposes Only.  No 
assurances., CN=VeriSign Trial Secure Server Root CA - G2
    Validity
    Not Before: Apr  1 00:00:00 2009 GMT
    Not After : Mar 31 23:59:59 2029 GMT
    Subject: C=US, O=VeriSign, Inc., OU=For Test Purposes Only.  No 
assurances., CN=VeriSign Trial Secure Server Root CA - G2
    Subject Public Key Info:
    Public Key Algorithm: rsaEncryption
    RSA Public Key: (2048 bit)
    Modulus (2048 bit):
.omitted..
    Exponent: 65537 (0x10001)
    X509v3 extensions:
    X509v3 Basic Constraints: critical
    CA:TRUE
    X509v3 Key Usage: critical
    Certificate Sign, CRL Sign
    1.3.6.1.5.5.7.1.12:
    
0_.].[0Y0W0U..image/gif0!0.0...+..k...j.H.,{..0%.#http://logo.verisign.com/vslogo.gif

    X509v3 Subject Key Identifier:
    48:19:E7:92:6F:92:9D:34:63:99:C0:F0:99:C8:D6:A5:8C:8C:7F:65
    Signature Algorithm: sha1WithRSAEncryption
    omitted...
-BEGIN CERTIFICATE-
..omitted.
-END CERTIFICATE-
==


when I open test.pem
this file shows.
==

-BEGIN RSA PRIVATE KEY-
...omitted..
-END RSA PRIVATE KEY-
-BEGIN CERTIFICATE-
...omitted...
-END CERTIFICATE-
=


so I started my vnc reflect server
but, it shows error message
=

openssl_init: SSL_CTX_use_certificate_chain_file() failed.
ssl error: error:0906D06C:PEM routines:PEM_read_bio:no start line
=


my test.pem file itself definitely has a start line.
but, it shows that kind of error message.

Searching google and the archives of this list turned nothing up
so I'm hoping someone here can help shed some light on this issue. 

Thanks in advance.