Monday, 21 September 2009

openssl dgst: unable to load key file

For one of our applications we sign some files using an SSL private key:

$ openssl dgst -sha1 -sign signing-key.pem -out filename.sha1 filename

I was getting an error when trying to verify the signatures using the corresponding SSL certificate (signed by the certificate authority):

$ openssl dgst -sha1 -verify signing-cert.pem -signature filename.sha1 filename
unable to load key file

The problem is that you need to use the public key to do the verification, not the certificate. Thankfully it is easy enough to extract the public key from the certificate:

$ openssl x509 -in signing-cert.pem -pubkey -noout > signing-pub.pem

Then verification using the public key works as expected:

$ openssl dgst -sha1 -verify signing-pub.pem -signature filename.sha1 filename
Verified OK

7 comments:

  1. I have been struggling with the error 'unable to load key file' and came across your post.

    It is rally saved my time and life.

    ReplyDelete
  2. i have same problem... thanks

    ReplyDelete
  3. muchas gracias esto es lo que estaba buscando.

    Saludos desde México.

    ReplyDelete
  4. We ship creative marketing solutions, and help your brand and business develop. Contact us right now, and with a personal touch our excellent service will ensure your printed supplies are lovely every time. The organization, established in 2013 by CEO Konrad Walus, is looking towards of|in direction of} the drug discovery markets for incomes, as they push ahead with improvement of their distinctive lab-on-a-printer expertise. Today, 3D printing reduces lead times to mere hours quite than weeks. A prototype mannequin could Sissy Panties For Men be produced at a fraction of the cost than when using other traditional manufacturing methods. This methodology is known as|is called|is named} practical depositional modelling and typically takes place entirely mechanically over a couple of hours.

    ReplyDelete

Labels