Azure key vault certificate throws bad parameter error
When I upload the certificate as this:
-----BEGIN CERTIFICATE-----
{my certificate}
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
{my key}
-----END PRIVATE KEY-----
I am getting the error:
The type of the private key of the X.509 certificate content is not supported. Supported key types are: [ec, ec-hsm, rsa, rsa-hsm].
Can you tell me why I am not able to upload the certificate?
https://docs.solarisgroup.co.uk/guides/encryption-examples/#Java
i am referring the above link and trying to use the private/public keys used in this example.
Initially I used the same public and private key from the blog and created a .pem file. When tried to upload I got the same error:
The error "The type of the private key of the X.509 certificate content is not supported. Supported key types are: [ec, ec-hsm, rsa, rsa-hsm]." usually occurs if there is an issue with private key being used or formatted when you're attempting to upload the certificate to Azure Key Vault.
- Azure Key Vault supports the following private key types
RSA,RSA-HSMANDEC,EC-HSM - The private key you're using seems to be in PKCS#1 format, which is the older format for RSA keys.
Hence to resolve the error and upload the cert to Azure key vault check the below:
# 1. Generate RSA private key
openssl genpkey -algorithm RSA -out rsa_key.pem -pkeyopt rsa_keygen_bits:2048
# 2. Generate CSR (Certificate Signing Request)
openssl req -new -key rsa_key.pem -out csr.pem
# 3. Generate self-signed certificate
openssl x509 -req -in csr.pem -signkey rsa_key.pem -out cert.pem -days 3650
# 4. Combine the private key and certificate into a single file
copy cert.pem + rsa_key.pem combinedruk.pem
Edit the file and remove the ? from the end of the file and save:
Now I am able to upload the .pem file successfully:
- Azure key vault certificate throws bad parameter error
- Loading previously stored Keys fails in BouncyCastle with Java
- Generating deterministic ECDSA/RSA keys based on seed and salt using zero-dependencies
- Creating RSA Public Key From String throws exception
- signature generated using openssl C++ API does not match with same code in python
- how to resolve exception while reading private key from file
- What are the differences between .pem, .cer, and .der?
- AEADBadTagException: mac check in GCM failed during AES decryption with BouncyCastle
- ImportPkcs8PrivateKey and ImportRSAPrivateKey alternative in .net framework
- Unable to cast object of type 'Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair' to type 'Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters'
- What causes "Neither PUB key nor PRIV key:: nested asn1 error" when building a public key in ruby?
- 'Encrypted message length is invalid.' using node-forge to decrypt the message encrypted from jsencrypt
- Clean my MachineKeys folder by removing multiple RSA files without touching IIS ones
- SHA256withRSA what does it do and in what order?
- How can encrypt\encode (Base64) for a generated key including message with 2nd public data key in OpenPGP medium?
- How to check a public RSA key file
- Digital Signature of Hash (HMACSHA256) in Java using SHA256 algorithm & Pkcs1 RSA signature padding didn't match with dot net implementation
- Decrypting a string with private key (RSA 2048 Key size)
- How to Generate Public and Private Key PEM Format in MAUI C# 8.0 (android,iOS)
- Generate RSA key pairs using openssl 3.0 in c++
- RSA Signature performance
- Algid parse error, not a sequence
- Padding in RSA JWT signatures
- How to encrypt data for AWS KMS using public key in plain java without awssdk
- How do I access my SSH public key?
- Cannot figure out why DTLS handshake does not complete
- ssh-keygen - how to set an rsa key with a certain username
- Verifying JWT signed with the RS256 algorithm using public key in C#
- How to generate RSA public and private keys using Swift 3?
- How to encrypt large file with RSA?