
Private key encryption for JWT token generation

The jwtgenerate policy is able to generate a token if I use the following private key formats. I'm storing the private key in an encrypted KVM and referring to that variable in the JWT policy.

-----BEGIN RSA PRIVATE KEY-----

....

-----END RSA PRIVATE KEY-----

PKCS#8 (unencrypted)

-----BEGIN PRIVATE KEY-----

....

-----END PRIVATE KEY-----

But if I encrypt these keys with passwords and use the encrypted private keys to generate, the JWT trace tool shows the following "cannot instantiate private key" error.


Encrypted key formats

-----BEGIN RSA PRIVATE KEY-----

Proc-Type: 4, ENCRYPTED

DEK-Info: AES-256-CBC,1E9B7BE131CB1452DA691AF29A321E4D

-----END RSA PRIVATE KEY-----

PKCS#8 (encrypted)

-----BEGIN ENCRYPTED PRIVATE KEY-----

....

-----END ENCRYPTED PRIVATE KEY-----

So,

1. Does the JWT policy have any preferred format for the PEM-encoded private key?

2. Why is it failing to parse the encrypted private key?

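Added example (not part of the original post and not Apigee code): a standard-library Python check that tells the four PEM layouts shown in the question apart and reports whether a passphrase is needed to load the key, which is useful before placing a key in a KVM. The function name `classify_private_key`, the `KeyInfo` type and the sample key bodies are constructed for illustration.

```python
import re
from typing import NamedTuple, Optional

class KeyInfo(NamedTuple):
    container: str           # "traditional RSA" or "PKCS#8"
    encrypted: bool          # True when a passphrase is required to load the key
    cipher: Optional[str]    # readable from the PEM text only for the traditional format

PEM_RE = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)-----END \1-----", re.DOTALL)

def classify_private_key(pem: str) -> KeyInfo:
    m = PEM_RE.search(pem)
    if m is None:
        raise ValueError("no PEM block found")
    label, body = m.group(1), m.group(2)
    # RFC 1421 style "Name: value" headers; base64 lines never contain ':'
    headers = {}
    for line in body.splitlines():
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip()] = value.strip()
    if label == "RSA PRIVATE KEY":
        # Tolerate the space after the comma seen in pasted keys
        proc_type = headers.get("Proc-Type", "").replace(" ", "").upper()
        if proc_type == "4,ENCRYPTED":
            cipher = headers.get("DEK-Info", "").split(",")[0].strip() or None
            return KeyInfo("traditional RSA", True, cipher)
        return KeyInfo("traditional RSA", False, None)
    if label == "PRIVATE KEY":
        return KeyInfo("PKCS#8", False, None)
    if label == "ENCRYPTED PRIVATE KEY":
        # The cipher is inside the DER structure, not visible in the PEM text
        return KeyInfo("PKCS#8", True, None)
    raise ValueError(f"not a private key PEM label: {label!r}")

# Constructed samples: placeholder bodies, not real key material.
SAMPLES = {
    "rsa_plain": "-----BEGIN RSA PRIVATE KEY-----\nAAAA\n-----END RSA PRIVATE KEY-----\n",
    "rsa_enc": ("-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4, ENCRYPTED\n"
                "DEK-Info: AES-256-CBC,00000000000000000000000000000000\n\nAAAA\n"
                "-----END RSA PRIVATE KEY-----\n"),
    "p8_plain": "-----BEGIN PRIVATE KEY-----\nAAAA\n-----END PRIVATE KEY-----\n",
    "p8_enc": "-----BEGIN ENCRYPTED PRIVATE KEY-----\nAAAA\n-----END ENCRYPTED PRIVATE KEY-----\n",
}

if __name__ == "__main__":
    for name, pem in SAMPLES.items():
        print(name, classify_private_key(pem))
```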