Re: How to use publickey from x509 certificate?

• Previous message: Ian Rogers: "concurrent sftp"
• In reply to: Tanja Wittke: "How to use publickey from x509 certificate?"
• Next in thread: Tanja Wittke: "Re: How to use publickey from x509 certificate?"
• Reply: Tanja Wittke: "Re: How to use publickey from x509 certificate?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 08 Jul 2004 22:19:42 +1000
To: Tanja Wittke <tawi@gruft.de>

Tanja Wittke wrote:
> Hello,
>
> I have the following problem: I want to use publickey authentication by
> using the publickey of a x509 certificate stored on a java card. I can
> already extract the publickey of the certificate and write it into a
> file. The problem i have is that i don't know how to convert the
> certificate's publickey into an rsa publickey format that openssh will
> accept.

You will need the private key if you want to do ssh authentication too,
this isn't contained in the certificate. Most smartcards are configured
not to allow extraction of the private key.

The public key is easy to extract:

$ openssl x509 -pubkey -noout -in newcert.pem
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCiax2Tn3aXOVOqSw5EP+Hc+Euy
hyfm5XxYFFhCI8KOw9UcUZ5uaZ4u+hca8DlM6vrP4GnU1f8RQK77D/uLRrwGb+5k
X0In4/sbSipOG3mxnPN9LC5gS06t1JSbOwhWbGECtWwbYCz0XF/HsFf5gP06Sexa
aYMN/isaJQjBSXBECQIDAQAB
-----END PUBLIC KEY-----

(this assumes your certificate is PEM encoded)

-d

• Previous message: Ian Rogers: "concurrent sftp"
• In reply to: Tanja Wittke: "How to use publickey from x509 certificate?"
• Next in thread: Tanja Wittke: "Re: How to use publickey from x509 certificate?"
• Reply: Tanja Wittke: "Re: How to use publickey from x509 certificate?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]