[Pki-devel] How to find the private key Dogtag
Dinesh Prasanth Moluguwan Krishnamoorthy
dmoluguw at redhat.com
Thu Nov 7 19:34:44 UTC 2019
Hello Sharath,
(responding to your "To retrieve private key" email as well)
You can start by looking at:
https://access.redhat.com/documentation/en-us/red_hat_certificate_system/9/html/administration_guide/key_recovery_authority
For CLI instructions, refer:
https://www.dogtagpki.org/wiki/Certificate_Key_Archival
https://www.dogtagpki.org/wiki/PKI_KRA_Key_CLI
OR
For GUI, you can retrieve the PKCS#12 (.p12) file from the KRA Web UI:
https://<hostname>:<kra_instance_port>/kra
You can obtain the above URL by running `pkidaemon status` in the
server where you have KRA installed
Note that you need to import KRA Admin cert into browser in order to
retrieve keys
If you need more assistance, please feel free to reach out!
Good luck!
Regards,
--Dinesh
On Wed, 2019-11-06 at 19:30 +0530, Sharath wrote:
> Hello Team,
>
> I have certificate and the public key but where i can find the
> private
> key ??
>
> pki ca-cert-show 0x30 --output myCert.cer
>
> Key ID: 0x1a
> Algorithm: 1.2.840.113549.1.1.1
> Size: 1024
> Owner: CN=test_sharath01,O=tecra
> Public Key:
>
> MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCZNLvZQ+WVnBBHM3nw3UldIdVi
> droNReev+/iMyaLlvuof4io2V1Yv8oT5Yhfxuoblt+nqdWpAwgFeTHKxTpVmyNpZ
> UiyEdhLssIJ5cPGZ0BjRKjehsapPCMZzslvFbVG8Rb8E0md0av9ncJBcM9caicRz
> 7qeRqqunXFtvfViZ2QIDAQAB
>
> pki -d ~/.dogtag/nssdb -c Secret at 123 -n "PKI Administrator for
> tecra-db02" kra-key-show 0x1a
>
>
> Key ID: 0x1a
> Algorithm: 1.2.840.113549.1.1.1
> Size: 1024
> Owner: CN=test_sharath01,O=tecra
> Public Key:
>
> MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCZNLvZQ+WVnBBHM3nw3UldIdVi
> droNReev+/iMyaLlvuof4io2V1Yv8oT5Yhfxuoblt+nqdWpAwgFeTHKxTpVmyNpZ
> UiyEdhLssIJ5cPGZ0BjRKjehsapPCMZzslvFbVG8Rb8E0md0av9ncJBcM9caicRz
> 7qeRqqunXFtvfViZ2QIDAQAB
>
>
> Thanks,
>
> Sharath
>
> _______________________________________________
> Pki-devel mailing list
> Pki-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-devel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20191107/970273d9/attachment.sig>
More information about the Pki-devel
mailing list