Converting PKCS#8 into PKCS#1 fails with openssl 3.0
Bug #1973344 reported by
jean-christophe manciot
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openssl (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
On Ubuntu jammy
with OpenSSL 3.0.2:
$ openssl rsa -in rsakey.pkcs8 -out rsakey.pkcs1
writing RSA key
$ grep -- "-----BEGIN" rsakey.pkcs1
-----BEGIN PRIVATE KEY-----
With OpenSSL 1.1.1o or 1.1.1l
$ openssl rsa -in rsakey.pkcs8 -out rsakey.pkcs1
writing RSA key
$ grep -- "-----BEGIN" rsakey.pkcs1
-----BEGIN RSA PRIVATE KEY-----
Unfortunately, we still need to be able to generate PKCS #1 private keys as mysqld (8.0.29-
information type: | Private Security → Public |
To post a comment you must log in.
Hi!
You want to add -traditional to your openssl rsa command to get the previous behaviour:
❯ openssl rsa -in key.pem | grep BEGIN
writing RSA key
-----BEGIN PRIVATE KEY-----
❯ openssl rsa -in key.pem -traditional | grep BEGIN
writing RSA key
-----BEGIN RSA PRIVATE KEY-----