0

I have a plain text public key coming from client. Now we don't want to save that public key as it is in the code/config, we want to create certificate out of it so that we can install it in the certificate store which is easy to maintain in case of the change in the public key. (I tried converting it to the CER, DER, CRT using OPENSSL but it is not working)

This is the public key I have:

MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1nIJ9A6onY2dbNUY0I6OE7971BtDn+lpSb8Ce0+0mJfwldjYnWwoeYekDnkWMMzvQoDlrjKYW7WOSW22oZLJoJMlnSSGQtPp8afEIksjOiGSK+UaRKdDJVLfmqwEzGLndVnhu6dDxcIGAtzz7y38dcmH1rKlmZ36pqWBVPNcqQSSDt3E9F26st9ftNjTamw/hChGBGSJwpNVgtuNNf1W+Ts3RXhQpxBkEcYLz3rZe2F35rjsVi8iEEgXa18mzcKOgAAP9KipCegQfR80CoDAAdUx4g630QMHKn4sETWu3ztu3beWIoyLzgEZgQUn83bTHqGKQdAmdibk9bj7MI5jwIDAQAB

Convert .pem to .crt and .key

ashish d
  • 25
  • 4
  • 1
    This is a Base64 encoded public ASN.1/DER key in X.509/SPKI format. You can't make it a certificate just by changing the file extension. A certificate is more than a public key, see [X.509](https://en.wikipedia.org/wiki/X.509). – Topaco Jan 18 '23 at 10:17
  • Thank you @Topaco.. If client will give us CSR(Certificate signing request), can we create the certificate out of it? – ashish d Jan 18 '23 at 11:56
  • A CSR is used to request a certificate from a CA, see e.g. [here](https://en.wikipedia.org/wiki/Certificate_signing_request). Also, the CSR can be used to create a self-signed certificate, which is probably what you are interested in, see e.g. [here](https://www.baeldung.com/openssl-self-signed-cert). – Topaco Jan 18 '23 at 12:48

0 Answers0