How to create certificate using the key pair generated using rsa_gen_key()


Feb 9, 2012 08:40
Hiran M.K.

I am getting the key pair using the rsa_gen_key().
Now i want to use openssl to generate the certificate.
How to feed the key to openssl for generating the certificate.
all examples in openssl highlight certificate generation using a key file generated within openssl.

How to feed my keys in the openssl command
The command
openssl req -new -key server.key -out server.csr

what will be the format of the server.key. And how do i feed my keys generated by rsa-gen-key() to this file.
 
Feb 9, 2012 09:27
Paul Bakker

At this moment there is no easy way to generate a key file that OpenSSL can use from PolarSSL. But a first version has been created and will be included in the new release.

So at this moment you are better off by generating the key with openssl as well (openssl genrsa)..
 
Feb 9, 2012 09:51
Hiran M.K.

It's an embedded application where by i am generating RSA key pair in the MCU using the polar SSL. So i am dumping the public key out and now need the certificate to be generated for this.
Can you guide me how to go ahead with this.

Thanking you
 
Feb 10, 2012 11:35
Paul Bakker

The problem is you have to construct an ASN.1 structure with the RSA key information.

Within a month a demo application that does this will be in the trunk of PolarSSL.. I hope you can wait that long..
 
Dec 24, 2013 15:14
Paul Bakker

We've added an article on how to use PolarSSL as a RSA Key Generation tool.