How to find which key on the HSM corresponds to a OneStep SSL certificate
Originally Published: 2003-06-24
Article Number
Applies To
Microsoft Windows 2000 Advanced Server SP2
nCipher Hardware Security Module
Issue
Using OneStep setupSSL to create keys on HSM
Resolution
-----BEGIN RSA NFAST PRIVATE KEY-----
MDUWDnJzYS1rZW9uLWNhLTY1FhAxMDMzNDMzODEwOTgxNDk1FghzcGFyY1NldAEB
/wIBAQIBAg==
-----END RSA NFAST PRIVATE KEY-----
You can use any ASN.1/BER viewing tool to look at the contents. One freely available tool that will do this is dumpasn1. Running dumpasn1 with the key file as input (you can leave it in its PEM encoded form) will produce output something like this:
0 30 53: SEQUENCE {
2 16 14: IA5String 'rsa-keon-ca-65'
18 16 16: IA5String '1033433810981495'
36 16 8: IA5String 'sparcSet'
46 01 1: BOOLEAN TRUE
49 02 1: INTEGER 1
52 02 1: INTEGER 2
: }
The three string values are the application name, the key id, and the card set name. You should be able to match the key id with one listed by KeySafe to find the key using that tool.
Related Articles
Can the KCA OneStep SSL certificate private key be kept on a HSM? Number of Views How to Generate SSL Certificate Request and Private Key from the RSA SecurID Access Admin Console Number of Views Identity Management and Governance: No available certificate or key corresponds to the SSL cipher suites which are enabled. Number of Views How to generate an SSL certificate for tomcat. Number of Views How to renew the self-signed SSL Certificate on Enterprise Manager Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process Download RSA SecurID Access Cloud User Event audit logs using Cloud Administration REST API CLU RSA Authentication Manager Patch Updates How to manipulate imported RSA SecurID Software Token(s) on an iPhone or iPad device Artifacts to gather in RSA Identity Governance & Lifecycle
Don't see what you're looking for?
