LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   Using openssl to export JUST the public key? (http://www.linuxquestions.org/questions/linux-security-4/using-openssl-to-export-just-the-public-key-4175451181/)

sohmc 02-21-2013 05:35 PM

Using openssl to export JUST the public key?
 
Good evening everyone!

I had to create a new cert due to changes to the cryptography landscape. I do this so infrequently I constantly forget, but I'm in the process of writing a wikiHow article on it. :-)

I've done everything...except figure out a way to generate just my signed public key. I was able to convert my PEM key to a pkcs12 key, but this includes my private key. There must be a way to distribute a public key without e-mailing. I typically like to leave my public key on my website so that people can download it at their leisure instead of waiting on me to send it.

Is there a way to do this?


EDIT::
After hacking through the openssl pkcs12 manpage, here's what I've got:
Code:

openssl pkcs12 -export -out sohmc.public_cert.p12 -in CA_signed.public_key.pem -clcerts -nokeys -name "Sohmc - Public Key"
openssl asks for an export password, to which you should leave blank since you WANT people to add them. After generation, I verified this by issuing the following command and got the following output:
Code:

$ openssl pkcs12 -info -noout -in sohmc.public_cert.p12
Enter Import Password:
MAC Iteration 2048
MAC verified OK
PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 2048
Certificate bag

My original pkcs12 file that contains both my private and public keys has the following output:
Code:

$ openssl pkcs12 -info -noout -in sohmc.public_private_certs.p12
Enter Import Password:
MAC Iteration 2048
MAC verified OK
PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 2048
Certificate bag
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048

Does this look right?


All times are GMT -5. The time now is 07:44 PM.