Web Server Management: Securing Access to Web Servers | ||
---|---|---|
Prev | Chapter 3. Creating keys and certificates | Next |
The keys are encoded using plain text in a format sometimes called "PEM". The underlying binary format, which is also sometimes seen, is normally called "DER". The file itself is not particularly interesting to look at.
$ cat WWW.key -----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,598A999A83DBC95A IjmHjsD07Xf09XUbYbmPzhqM7SGWu8Cc1v6Km4RBR0o6D1PqFcDFJxOaGbAcAmQK BBluOzqCB0yBnxCK2ICdnY3WUGN1veqXZQNWGhNP/hHIwyrReuHkzqZHerJxNE9x 290qMDfGPGtZg9CEAHnw3FEr/h0pYdTL/OjShweCKBmypvyj1II4GKSqCzhcl+zq PPER0Z3vgqrdTYhRH94ixt+agPV+lAvtLASBPWZ+0rFV5LbMXds+sFg6qr1sbOUH a2aXuGRBGgwyaKaP4cBT86GVd0F1Qt+g2YOSimzmvP+m81liB2hQvnroYHjRroJf bMp8i+fBOTQja5F5RCFE2g4A6TygVW7qgED6E4XoCkRnrMEHHReTRD5X6k6YHbaG HL5Earb/jrVOudNPDXuDdQV4V4ebXlk1YvD4Dz7XN7iWiS9eyjUnHvPp0iU4x25I UzvINgyYvvKKRJNfo/n4qYt0oMfOSztAIQMB+grgAThDN/bDSNLzbUNt4vHAruKt YfdR0BBfWogNIanBNxdU2GOAsxyMtliCjRnU8LmCFfZ5N3x35uFMJFJvzqsB0l5R 9RaOVWe2oxSWY1wbo7HM9OHDBldHTonXm9pSPobYeE0AwAyXmbV/KeQqYrw11HvQ UVPQWWUhWqxqxdPOC4Gj1x4nKk6vnnnG/vaPBDOSd90J+MYVpqfmenbt8eWvs0TL 59b5JBUFJ882IocH/TrSnPKBkkk+UPbtZNFePvLq9tH6opyRm30b2Lrg5jv91vAB wqveQndhCBC6t2CsgHYVp8neWak3yc9/pGyxf1Vg5+DpT4ao1X6BaJsMjKL8zhfW nspuLy8MIi5J9yE+GFj0AhvuUVyOGSKIEWdZiYnlMuvwo0GVNorDidXkPuhGhkce RXkyy/tiIjXeE+7qZW6zZRUSA6NVoMHbXqrQ+OowWm/mIdwMgRmJQbLpGEgpo5+Q i4kHDbP1BC6hEFSj1pabs35V3wNF5dO0dIFg9D1TKUKUzKQGZKZUf9aKpDOVFcmM Z6GE4QQZ8jkkROHXkAX/ZoszAkNXfkjz2mU7P+a4XAQ6e0szON9mwsNyq/AuLx98 Zm2ZtUZBWldKdKqtIDg9hX+QPuvaWKT21ojvC7Qq2AqjXuwYHwbfFSdD9X5fpkJc qPdGRp4crjai4gknORRsf293TcEbZShriTCCI7+1TlS/2NkyKzM/v5CWhpi6xnuo wwdWTi4ulq4aAEIIG+VfSlyJEB5vhNHrNLv493M/AKopJc/22d53FRV3sfRaSLm5 JZ/dA5P4cfIEpbqetxde74FLVGd2BfooIxjxHug68nzdJGP794BAFFAfOxllyyGv 8NW0yY9B/iaN95Qm+D47/9spCwGJCtQhYRW0j1DzJdEuGDHwDlRYuwr9iXq2bl0Y 6uZ413sVlxAnBLvouYf4JxRMiR+Pl2ZyOr2fIlAeeAvZXkvlmJb1UhD96vqVWTAP lnR9D9CbdhlsZFwgl+Mwo/1OSE9dfyhw5DyrD7/B8df2nffASngniaGv+LBXLF3Y EYF4akBMjB3NR3crMCvZHhDoXmDrBCqQdz0bI3ubeWoFiTWDxzMRug== -----END RSA PRIVATE KEY-----
However we can look to see what is actually in the key file using the openssl's rsa sub-command. To do this we need the pass phrase, and doing this in public would normally be a bad idea since it reveals the private key.
$ openssl rsa -in WWW.key -noout -text Enter pass phrase for WWW.key: password Private-Key: (2048 bit) modulus: 00:c7:62:3b:8c:8c:4a:5d:7f:08:1d:51:96:e9:1b: 3e:92:ab:a8:97:4f:de:c9:a0:42:c3:61:bf:72:48: 9e:2d:78:ea:f0:3b:ba:0e:e9:02:2f:9c:14:07:9f: fd:37:a0:a2:22:e2:c7:b8:a7:ec:eb:6b:e3:81:da: 17:0f:dd:e9:90:6e:aa:4a:e0:8e:4c:f0:b1:2b:2a: 41:0e:65:e0:b4:c0:29:e2:61:86:8b:09:ea:00:15: ad:38:5a:8f:92:83:28:28:67:ec:69:47:3e:98:b5: a8:6f:ef:ae:3e:bb:81:80:9d:83:c2:89:a4:77:c7: 17:eb:01:1d:69:36:20:33:86:69:8f:9c:f0:dc:cf: c2:38:e7:27:86:28:85:9d:36:86:e1:2c:77:ba:97: e6:a4:a8:8c:0f:8e:2e:d0:45:d6:5f:a3:53:bd:c2: 10:19:80:d3:33:8a:0e:2a:4c:3c:98:74:cb:c7:48: 10:a9:09:0d:44:e3:79:47:d9:2a:08:38:eb:7e:4f: f1:58:96:c8:2f:8e:70:6e:37:10:02:7e:f9:82:16: c0:7e:a2:9f:07:76:4e:65:27:c6:4b:1a:12:1a:e5: 49:ef:ee:e6:fc:7d:4b:cd:22:64:ac:ac:a0:d6:31: a1:c8:18:01:ad:9e:ef:c9:4e:06:c6:96:85:d4:90: 0a:e1 publicExponent: 65537 (0x10001) privateExponent: 63:c8:17:81:29:1c:76:5a:02:97:99:a3:6a:99:85: e1:25:23:44:46:66:7a:85:47:a4:3c:20:f1:72:c2: 26:83:a3:20:02:e4:04:5e:3c:07:d3:96:7a:92:68: c9:14:0c:d0:64:aa:0b:11:8f:11:ea:76:7b:1f:c7: f6:da:d9:ee:bc:53:61:11:ac:65:78:f7:51:60:de: 19:f4:86:56:2e:ed:47:2c:03:87:45:b8:e3:bd:f5: 68:84:79:e1:9a:dd:d8:0a:da:57:7d:9e:28:12:91: 6f:23:86:12:43:08:76:73:5d:e3:57:bb:05:6e:8f: db:be:3d:17:d0:4c:a1:3b:ba:1d:21:19:30:cb:7c: 14:a0:dc:17:4f:83:a2:99:2a:c0:e8:3d:a4:db:76: bc:d4:34:70:5e:21:02:32:cb:ae:d7:ec:43:af:46: e2:f9:4f:e0:a9:b5:dd:d6:e0:26:8f:0c:97:2f:cc: 21:0b:70:2c:8c:8d:bd:b2:78:44:1b:d3:97:5b:65: 21:e6:4e:6d:f0:93:a6:7d:6e:f4:be:0a:16:5e:09: 92:70:24:95:4a:ca:97:e2:36:eb:71:a6:ae:0f:2a: 79:25:75:8e:b3:49:23:26:d9:10:e4:12:36:d8:82: 81:d0:72:a2:66:dc:0f:70:ca:e2:29:02:65:33:32: a1 prime1: 00:f8:cd:68:a5:1d:91:f9:d8:57:f4:21:4c:bb:de: 87:65:11:3b:49:40:78:28:9f:92:ee:b1:99:6a:ac: 54:16:d0:c7:21:66:02:68:8f:d4:c5:86:46:1e:f3: a2:a6:64:73:87:75:1a:67:98:e4:50:62:0c:b7:de: e5:47:c4:4b:9b:5f:08:bd:af:1e:71:0d:11:44:5f: f3:0b:90:2e:b1:bb:16:0d:34:19:db:ea:2e:27:96: c3:a4:e8:c2:0f:73:fd:0a:11:3c:71:6e:bc:a3:19: 41:bd:30:c5:de:f8:38:45:fd:27:3a:76:cc:65:e5: 1f:08:63:31:e0:12:94:43:8d prime2: 00:cd:26:d6:49:24:10:cd:2b:35:d2:e7:22:0b:63: 12:ff:b3:c9:ca:9b:55:be:2c:76:80:1f:aa:3a:db: 77:20:88:da:64:8c:c4:25:57:af:5f:32:35:99:83: a6:0f:0c:d0:0d:8e:8a:bc:9d:e0:62:78:0e:53:ce: 23:bf:1f:01:c7:ec:d5:0d:6f:d6:f8:4c:39:60:c3: c7:4e:c8:8a:14:92:30:d4:21:e2:db:f4:96:f0:91: c0:ba:13:3d:68:a3:95:56:3c:d4:88:29:12:91:d4: 5d:11:e3:7c:34:a1:3e:24:f7:24:82:31:4c:d8:4d: 34:ac:68:b3:9e:23:59:c5:a5 exponent1: 00:96:a3:c7:b8:31:2f:31:16:cc:2a:03:ff:71:c0: 4a:39:e7:34:fe:25:0a:9b:8e:02:68:83:1f:60:76: f6:72:d9:f5:b7:43:0c:32:42:e3:90:b4:bb:c0:01: c3:78:fb:58:f7:aa:ef:51:ca:40:72:6a:eb:48:68: ac:69:c7:6f:ff:a2:8a:a8:4e:5f:20:13:c9:60:9c: b7:8b:48:c0:fc:db:49:7e:b5:0c:f3:19:d6:d8:21: 70:53:68:9a:16:c1:23:73:f4:fb:a3:b2:68:84:57: c6:75:c6:12:07:ee:42:24:1e:22:a2:43:4b:7e:66: 3b:63:d8:ab:59:ff:e5:c5 exponent2: 00:a3:75:80:63:c2:a2:c8:76:d7:69:f5:d3:c0:72: ee:5e:62:e8:33:d0:d4:de:b4:1a:af:37:8b:b1:5d: d0:6b:51:df:81:22:4f:de:d9:20:d8:9e:ee:ea:24: 65:19:b4:c1:c9:2b:7c:0b:91:57:89:dd:d2:bc:9f: 91:07:e5:32:cc:13:3e:26:78:a8:36:2a:b5:c5:0d: f9:2e:22:c7:32:60:d1:1b:14:ec:e7:08:d9:83:50: fe:d8:c4:1f:b7:d2:2f:59:09:1a:e6:6a:a3:6b:22: 64:0d:ae:cd:f6:39:4b:84:b4:8e:98:55:a3:be:ec: b5:3d:72:27:3b:a7:3b:0e:29 coefficient: 4c:08:15:e6:d6:9b:0b:42:a9:10:3c:1a:78:9b:9b: 74:99:8c:b3:c1:6a:c4:d3:ea:af:d5:2a:ae:8b:78: a6:10:62:94:b1:7f:87:98:f2:a6:77:bc:f4:3c:13: 10:3e:ce:94:bd:64:9d:18:7c:cd:5e:41:52:04:60: d9:ac:60:c7:a4:5f:5b:f8:53:19:81:a5:f9:17:f1: 67:88:a9:c1:21:2e:d9:7f:3b:f7:e5:12:56:20:42: 7f:0c:d1:23:95:78:a9:e4:d9:cb:dd:fb:7f:b1:e1: b4:59:8b:20:64:73:e4:02:c9:01:dc:ee:64:a1:ae: de:47:20:36:e1:a6:5b:3a
Arguments used
-in
the name of the file containing the key
-noout
do not output the key itself
-text
display the contents of the key file as text