How to extract public key using OpenSSL?

Openssl, Public Key-Encryption, Pki

Openssl Problem Overview


The following command generates a file which contains both public and private key:

openssl genrsa -des3 -out privkey.pem 2048

Source: http://www.openssl.org/docs/HOWTO/keys.txt

With OpenSSL, the private key contains the public key information as well, so a public key doesn't need to be generated separately.

How can we extract the public key from the privkey.pem file?

Thanks.

Openssl Solutions


Solution 1 - Openssl

openssl rsa -in privkey.pem -pubout > key.pub

That writes the public key to key.pub

Solution 2 - Openssl

Though the above technique works for the general case, it didn't work on Amazon Web Services (AWS) PEM files.

I did find in the AWS docs the following command works: ssh-keygen -y

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html

Edit: Thanks @makenova for the complete line:

ssh-keygen -y -f key.pem > key.pub

Solution 3 - Openssl

For those interested in the details - you can see what's inside the public key file (generated as explained above), by doing this:-

openssl rsa -noout -text -inform PEM -in key.pub -pubin

or for the private key file, this:-

openssl rsa -noout -text -in key.private

which outputs as text on the console the actual components of the key (modulus, exponents, primes, ...)
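To confirm that a `key.pub` produced by the commands above really belongs to a given private key, both can be normalized through `openssl rsa` and compared. This is an added example, not part of the original answers; the function names, file names and the unencrypted throwaway keys are assumptions.

```shell
#!/bin/sh
# Added example (not from the original answers): confirm that a PEM public key
# file was derived from a given RSA private key. Function and file names are
# assumptions made for this example; keys are unencrypted throwaway keys.

# Derive the public key from a private key, as in Solution 1.
derive_pub() {
    openssl rsa -in "$1" -pubout 2>/dev/null
}

# Re-emit an existing "BEGIN PUBLIC KEY" file in canonical PEM form.
normalize_pub() {
    openssl rsa -pubin -in "$1" -pubout 2>/dev/null
}

# Return 0 only if public key file $2 belongs to private key file $1.
key_matches() {
    derived=$(derive_pub "$1") || return 2
    given=$(normalize_pub "$2") || return 2
    [ -n "$derived" ] && [ "$derived" = "$given" ]
}

# SHA-256 of the DER-encoded public key, for comparing keys across hosts.
pub_fingerprint() {
    openssl rsa -pubin -in "$1" -pubout -outform DER 2>/dev/null |
        openssl dgst -sha256 | awk '{print $NF}'
}

# Demo on freshly generated throwaway keys (no passphrase, so it runs unattended).
demo() {
    dir=$(mktemp -d) || return 1
    for k in a b; do
        (umask 077; openssl genrsa -out "$dir/$k.pem" 2048 2>/dev/null)
        derive_pub "$dir/$k.pem" > "$dir/$k.pub"
    done
    key_matches "$dir/a.pem" "$dir/a.pub" && echo "a.pub matches a.pem"
    key_matches "$dir/a.pem" "$dir/b.pub" || echo "b.pub does not match a.pem"
    echo "a.pub sha256: $(pub_fingerprint "$dir/a.pub")"
    rm -rf "$dir"
}
demo
```

A private key created with `-des3`, as in the question, makes `openssl rsa` ask for the passphrase before the comparison can run.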

Solution 4 - Openssl

For AWS importing an existing public key,

  1. Export from the .pem doing this... (on linux)

     openssl rsa -in ./AWSGeneratedKey.pem -pubout -out PublicKey.pub
    

This will produce a file which, if you open it in a text editor, looks something like this...

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/8y3uYCQxSXZ58OYceG
A4uPdGHZXDYOQR11xcHTrH13jJEzdkYZG8irtyG+m3Jb6f9F8WkmTZxl+4YtkJdN
9WyrKhxq4Vbt42BthadX3Ty/pKkJ81Qn8KjxWoL+SMaCGFzRlfWsFju9Q5C7+aTj
eEKyFujH5bUTGX87nULRfg67tmtxBlT8WWWtFe2O/wedBTGGQxXMpwh4ObjLl3Qh
bfwxlBbh2N4471TyrErv04lbNecGaQqYxGrY8Ot3l2V2fXCzghAQg26Hc4dR2wyA
PPgWq78db+gU3QsePeo2Ki5sonkcyQQQlCkL35Asbv8khvk90gist4kijPnVBCuv
cwIDAQAB
-----END PUBLIC KEY-----

2. However AWS will NOT accept this file.

You have to strip off the `-----BEGIN PUBLIC KEY-----` and `-----END PUBLIC KEY-----` from the file. Save it and import and it should work in AWS.

Solution 5 - Openssl

If you're looking for how to copy an Amazon AWS .pem keypair into a different region, do the following:

openssl rsa -in .ssh/amazon-aws.pem -pubout > .ssh/amazon-aws.pub

Then

aws ec2 import-key-pair --key-name amazon-aws --public-key-material "$(cat .ssh/amazon-aws.pub)" --region us-west-2

Solution 6 - Openssl

Use openssl to extract the pub file from the pem file as

openssl x509 -inform pem -in private_key.pem -pubkey -noout > public_key.pub

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

| Content Type | Original Author | Original Content on Stackoverflow |
|---|---|---|
| Question | Jake | View Question on Stackoverflow |
| Solution 1 - Openssl | stewe | View Answer on Stackoverflow |
| Solution 2 - Openssl | lababidi | View Answer on Stackoverflow |
| Solution 3 - Openssl | cnd | View Answer on Stackoverflow |
| Solution 4 - Openssl | Bendo | View Answer on Stackoverflow |
| Solution 5 - Openssl | Justin | View Answer on Stackoverflow |
| Solution 6 - Openssl | Arvind | View Answer on Stackoverflow |