pki --issue --in option should also accept private keys
I can't understand why this is happening:
$ pki --gen --type ecdsa >| gwKey.der $ pki --issue --in gwKey.der --cacert caCert.der \ --flag serverAuth --flag ikeIntermediate --cakey caKey.der --san \ “123.abc.def.456” --dn "C=CH, O=Example AG, CN=vpn-gw.example.com" building CRED_PUBLIC_KEY - ANY failed, tried 3 builders parsing public key failed
I think --in is much cleaner than the classic:
$ pki --pub --type ecdsa --in gwKey.der | pki --issue ...
And looks less like magic to new users.
#2 Updated by Tobias Brunner over 5 years ago
- Tracker changed from Issue to Feature
- Subject changed from pki --issue --in option doesn't seem to work to pki --issue --in option should also accept private keys
- Category set to pki
- Status changed from New to Feedback
- Resolution set to No feedback
As mentioned by Noel and documented on the wiki and, in more detail, the man page the
--in option currently takes a public key or a PKCS#10 certificate request. I quickly threw together a patch that adds the possibility to extract the public key from the private key though (see pki-issue-in branch).