Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Save pmtabe1/869b5d07b69e5024915134c257066b2a to your computer and use it in GitHub Desktop.
Save pmtabe1/869b5d07b69e5024915134c257066b2a to your computer and use it in GitHub Desktop.

The default format of keys was changed in OpenSSL 1.0. From OpenSSL 1.0 change log:

Make PKCS#8 the default write format for private keys, replacing the traditional format. This form is standardised, more secure and doesn't include an implicit MD5 dependency. [Steve Henson]

Good explanations of the difference between the two formats: https://tls.mbed.org/kb/cryptography/asn1-key-structures-in-der-and-pem

Converting RSA private key:

To convert from PKCS#8 to PKCS#1:

openssl pkcs8 -topk8 -inform pem -in file.key -outform pem -nocrypt -out file.pem

To convert from PKCS#8 to PKCS#1:

openssl rsa -in key1.pem -out key2.pem

Converting RSA public key:

To convert from PKCS#8 to PKCS#1:

openssl rsa -pubin -in <filename> -RSAPublicKey_out

To convert from PKCS#1 to PKCS#8:

openssl rsa -RSAPublicKey_in -in <filename> -pubout

Converting EC private key:

To convert from PKCS#8 to PKCS#1:

openssl ec -in ec2.pem -out ec3.pem
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment