SyntaxFix

[linux] Can't get private key with openssl (no start line:pem_lib.c:703:Expecting: ANY PRIVATE KEY)

I have a .key file, when I do

openssl rsa -text -in file.key

I get

unable to load Private Key
140000419358368:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: ANY PRIVATE KEY

Also I have a .cer file and when I do

openssl x509 -text -in file.cer

I get 

unable to load certificate
140387178489504:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: TRUSTED CERTIFICATE

But if as pointed here I run the command like:

openssl x509 -text -inform DER -in file.cer

I get

Certificate:
    Data:
        Version: 3 (0x2)
        Some more information
        ...
-----BEGIN CERTIFICATE-----
MIIEdDCCA1ygAwIBAgIUMjAwMDEwMDAwMDAxMDAwMDU4NjcwDQYJKoZIhvcNAQEF
...
-----END CERTIFICATE-----

But that doesn't seem to work with the key, because when I run

openssl rsa -text -inform DER -in aaa010101aaa__csd_10.key

I get 

unable to load Private Key
140004844304032:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1337:
140004844304032:error:0D06C03A:asn1 encoding routines:ASN1_D2I_EX_PRIMITIVE:nested asn1 error:tasn_dec.c:849:
140004844304032:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error:tasn_dec.c:769:Field=version, Type=RSA
140004844304032:error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib:rsa_ameth.c:115:
140004844304032:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1337:
140004844304032:error:0D06C03A:asn1 encoding routines:ASN1_D2I_EX_PRIMITIVE:nested asn1 error:tasn_dec.c:849:
140004844304032:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error:tasn_dec.c:769:Field=version, Type=PKCS8_PRIV_KEY_INFO

How can I get the private key and its certificate?

This question is related to linux openssl ssl-certificate private-key

The answer is

I ran into the 'Expecting: ANY PRIVATE KEY' error when using openssl on Windows (Ubuntu Bash and Git Bash had the same issue).

The cause of the problem was that I'd saved the key and certificate files in Notepad using UTF8. Resaving both files in ANSI format solved the problem.

On my execution of openssl pkcs12 -export -out cacert.pkcs12 -in testca/cacert.pem, I received the following message:

unable to load private key 140707250050712:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:701:Expecting: ANY PRIVATE KEY`

Got this solved by providing the key file along with the command. The switch is -inkey inkeyfile.pem

My two cents: came across the same error message in RHEL7.3 while running the openssl command with root CA certificate. The reason being, while downloading the certificate from AD server, Encoding was selected as DER instead of Base64. Once the proper version of encoding was selected for the new certificate download, error was resolved

Hope this helps for new users :-)

Source: Stackoverflow.com

Examples related to linux

grep's at sign caught as whitespace How to prevent Google Colab from disconnecting? "E: Unable to locate package python-pip" on Ubuntu 18.04 How to upgrade Python version to 3.7? Install Qt on Ubuntu Get first line of a shell command's output Cannot connect to the Docker daemon at unix:/var/run/docker.sock. Is the docker daemon running? Run bash command on jenkins pipeline How to uninstall an older PHP version from centOS7 How to update-alternatives to Python 3 without breaking apt?

Examples related to openssl

dyld: Library not loaded: /usr/local/opt/openssl/lib/libssl.1.0.0.dylib How to install OpenSSL in windows 10? SSL_connect: SSL_ERROR_SYSCALL in connection to github.com:443 How to fix: fatal error: openssl/opensslv.h: No such file or directory in RedHat 7 Homebrew refusing to link OpenSSL Solving sslv3 alert handshake failure when trying to use a client certificate How to install latest version of openssl Mac OS X El Capitan How to resolve the "EVP_DecryptFInal_ex: bad decrypt" during file decryption SSL error SSL3_GET_SERVER_CERTIFICATE:certificate verify failed Can't get private key with openssl (no start line:pem_lib.c:703:Expecting: ANY PRIVATE KEY)

Examples related to ssl-certificate

How to install OpenSSL in windows 10? Scraping: SSL: CERTIFICATE_VERIFY_FAILED error for http://en.wikipedia.org Not able to install Python packages [SSL: TLSV1_ALERT_PROTOCOL_VERSION] Letsencrypt add domain to existing certificate javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure bypass invalid SSL certificate in .net core How to add Certificate Authority file in CentOS 7 How to use a client certificate to authenticate and authorize in a Web API This certificate has an invalid issuer Apple Push Services iOS9 getting error “an SSL error has occurred and a secure connection to the server cannot be made”

Examples related to private-key

Can't get private key with openssl (no start line:pem_lib.c:703:Expecting: ANY PRIVATE KEY) Vagrant ssh authentication failure Differences between "BEGIN RSA PRIVATE KEY" and "BEGIN PRIVATE KEY" Unable to load Private Key. (PEM routines:PEM_read_bio:no start line:pem_lib.c:648:Expecting: ANY PRIVATE KEY) Convert .pem to .crt and .key How to Export Private / Secret ASC Key to Decrypt GPG Files

Tags

Ack Compilation Validationframework Tagfile Hotplugging Database-deadlocks Mips Storekit Django-south Msdeployserviceagent Custom-properties Logical-grouping Init.d Readlines Telerik-mvc Warden Renice Opengl-es-lighting Clicking Wscf Idref Keyeventargs C++builder-6 Avalonedit Authlogic-oid Post-build-event Interpolation Android-searchmanager Isolatedstorage Form-layout Incremental-linking Javax.comm Suffix-tree Nlog-configuration Makecert Appendchild Fairplay Mbox Winpe Visual-web-developer Static-resource Httplistenerrequest Tablerow Declarative-programming Precompile Unauthorizedaccessexcepti Federated Opencalais Core-services Android-layout Enscript Result-of Script-tag Google-earth-plugin Mogrify Network-traffic Bibtex Synchronous Zcml Nested-statement Subtree Registerclientscriptblock Spcontext Objective-c Deserialization Virtuoso Soundpool User-inactivity Invalid-argument Wolframalpha Ssh-keys Codesourcery Securitytrimmingenabled Connection-string Picking Sql-generation Nimble Boxsizer Specflow Signals Emulation Objective-j Code-visualization Fcgid Database-server Ibm-rad Alternate-access-mappings Merb-auth Rave-reports Wcf-endpoint Attach-to-process Luntbuild Meta-title Bank Ontime Noexcept Avaya Keypress Handwriting Mysql-management