use*_*ser 5 shell openssl rsa x509certificate jwk
我从端点获取了 JWKS,它看起来像这样:
\n{\n "keys": [\n {\n "kty": "RSA",\n "use": "sig",\n "x5t": "M2maFm3VYlMBOn3GetVWGXkrKrk",\n "kid": "SIGNING_KEY",\n "x5c": "MIIC\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6(base64 encoded cert)\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6..tow==",\n "alg": "RS256"\n }\n ]\n}\n.pub我正在尝试使用 shell将此 x5c 值转换为公钥 ( ) 文件openssl
我尝试复制粘贴x5c上述 json 中的值并.pem通过执行以下操作将其添加到文件中:
vi certificate.pem\nfold -w 64 certificate.pem\n然后certificate.pem也在文件中添加以下内容
-----BEGIN CERTIFICATE-----\n<value>\n-----END CERTIFICATE-----\n之后我尝试运行以下命令来获取公钥:
\nopenssl x509 -pubkey -inform pem -in certificate.pem -noout > key.pub
但遇到类似这样的编码错误:
\nunable to load certificate\n140735207381436:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1319:\n140735207381436:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:381:Type=X509_CINF\n140735207381436:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error:tasn_dec.c:751:Field=cert_info, Type=X509\n140735207381436:error:0906700D:PEM routines:PEM_ASN1_read_bio:ASN1 lib:pem_oth.c:83:\n我搞砸了什么?谢谢
\n小智 1
做时:
vi certificate.pem
fold -w 64 certificate.pem
您忘记使用折叠内容更新文件,例如:
fold -w 64 cert.pem > folded.pem && cat folded.pem > cert.pem && rm folded.pem