Created
January 8, 2020 10:55
-
-
Save dubs3c/3a5cff96577842787180ba82a5852961 to your computer and use it in GitHub Desktop.
steps to extract public key from a TLS/SSL cert and transform it into a format that can be used by jwt tokens
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Copy Server certificate to cert.pem | |
openssl s_client -connect server.com:443 | |
# convert public key to hex values | |
$ openssl x509 -in cert.pem -pubkey -noout | xxd -p | tr -d "\\n" | |
<output1> | |
# Sign the jwt data. Remove the original signature first | |
$ echo -n "<jwt-without-signature>" |openssl dgst -sha256 -mac HMAC -macopt hexkey:<output1> | cut -d " " -f2 | |
<output2> | |
# Get the base64 encoded new signature | |
$ python -c "import base64,binascii;print(base64.urlsafe_b64encode(binascii.unhexlify('<output2>')).decode().replace('=',''))" | |
iBuJUSnutMkI-cKoSMAWB2KJbObdXR6_LLS93yo1y1w |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment