Security

Reply
Occasional Contributor II

Private Key

Hello,

 

is there a way to extract the private key used for a CA Signed cert off of Clearpass?  We are using clearpass v6.6 and i have the encrypted private key file and the key to decrypt used when generating the CSR.  i need to get the private key out to use for some SSL inspection on an edge firewall?

 

Thanks

 

Ryan

 

Guru Elite

Re: Private Key

Are you using Onboard?

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor II

Re: Private Key

hi there, no we are not using onboard

Guru Elite

Re: Private Key

So what private key are you trying to export?

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor II

Re: Private Key

I generated a CSR for a HTTPS certificate for when customers browse to CPPM for Guest registration.  as part of this i obtained an encrypted private key file and set a password to use (assume to decrypt private key file).  i received signed certificate from CA and installed, providing the encrypted private key file and password.  Certifictae installed fine. 

 

What i want to do though some testing around SSL inspection so want to access the CPPM Guest registration externally via a firewall and have the firewall SSL Inspect the inbound connection to CPPM.  for this to work it needs to decrpyt the session so to do this i need the signed CA cert and the private key to install on the firewall, it can then decrpyt (private key), inspect and re-encrpt (public key in CA cert) and pass on to CPPM.  So i need the private key from the public/private key pair generated as part of generating the CSR.

 

Thanks

Guru Elite

Re: Private Key

Click export and you’ll get both.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor II

Re: Private Key

thanks, i have done this already but it still shows private key in encrypted format!

 

-----BEGIN ENCRYPTED PRIVATE KEY-----

xx

xx

xx

xx

----END ENCRYPTED PRIVATE KEY-----

 

unless this is not the case and it is the actual private key?

Guru Elite

Re: Private Key

You’d need to decrypt the private key with the secret you defined during generation.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor II

Re: Private Key

ok, so this is not some CPPM propriety encryption, i can use openSSL or something similar?

Guru Elite

Re: Private Key

Correct.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: