For one of our applications we sign some files using an SSL private key:
$ openssl dgst -sha1 -sign signing-key.pem -out filename.sha1 filename
I was getting an error when trying to verify the signatures using the corresponding SSL certificate (signed by the certificate authority):
$ openssl dgst -sha1 -verify signing-cert.pem -signature filename.sha1 filename
unable to load key file
The problem is that you need to use the public key to do the verification, not the certificate. Thankfully it is easy enough to extract the public key from the certificate:
$ openssl x509 -in signing-cert.pem -pubkey -noout > signing-pub.pem
Then verification using the public key works as expected:
$ openssl dgst -sha1 -verify signing-pub.pem -signature filename.sha1 filename
I have been struggling with the error 'unable to load key file' and came across your post.ReplyDelete
It is rally saved my time and life.
i have same problem... thanksReplyDelete
muchas gracias esto es lo que estaba buscando.ReplyDelete
Saludos desde México.