Private key does not match with my certificate

I ran this command: /opt/letsencrypt/letsencrypt-auto certonly --rsa-key-size 4096 --webroot --webroot-path /var/www/mondomaine.fr -d mondomaine.fr

It produced this output: error:04065072:rsa routines:rsa_ossl_private_decrypt:padding check failed2 (when I run openssl_private_decrypt [php] )

I’m running on Debian 9 and nginx

I am using cert.pem for public key and privkey.pem

My HTTPS is running with certificate A

Do you know what’s going on ?

Hi,

I’ve no clue what is going on with your certificate, but
Can you try to run this command and verify if the two out put is the same?

`openssl x509 -noout -modulus -in (public keyl | openssl md5`
`openssl rsa -noout -modulus -in (private key) | openssl md5`

Thank you

Hey, privkey.pem does not match with cert.pem, but i found out that it matches with fullchain.pem. (with md5)

However, i still get an error: old_rsa_priv_decode:RSA lib

cert.pem and fullchain.pem should always contain the same certificate... (fullchain.pem also contains the intermediate certificate from chain.pem.)

What are you trying to do? Why handle a Let's Encrypt private key with PHP at all?

(And is it secure?)

You could post the PHP code and error message here, but some sort of security-oriented PHP forum would be better.

Hi,

Can you try this and share the output?
openssl rsa -in privkey.key -out testpriv.key

Also, is the key start and ends with the correct format? (-------BEGIN PRIVATE KEY-------)(--------END--------PRIVATE-------KEY)

Thank you

I would like to do an asymeric encryption as below:

I though i would be able to use private and public key from Letsencrypt, but maybe it is not the right way. I don’t know why both cert are different…

The only error i’ve got is the old_rsa_priv_decode:RSA lib so maybe it’s a Letsencrypt’s issue

While certificates are an example of public key cryptography, they also contain a lot more information that your library probably isn’t handling correctly, as it’s usually used for x.509-based operations. You can generate your own keypairs whenever you want with the command ssh-keygen -t rsa and follow the prompts.

Now, an important side note. If you are implementing a production system that is protecting confidential information - do not attempt to roll your own cryptography. There are hundreds of small things you can do wrong that leak information and completely break any security in quite insidious ways. You should always use an established and well-vetted library to handle these things. You might be already, we can’t know with the information given, but if what you’re building is going to protect real user information you should be aware of this.

2 Likes

-----BEGIN RSA PRIVATE KEY-----
MIIJKAIBAAKCAgEAoRCcml4v6D6sNLK4uCbBBIbNefcz98cuJGWIeJx1pQeOA2wc
GaP8HjP8EplVC8KLAeJ/CH2EE0Ky4i02ks/IgkoelXDPfvhtEwIs3PMqHBm/r1Tk

uaxd4dWioTwgHZmYPvBwlp6BmljQU9RdrnBtAv6gEZ8LcVFJ6RbhVQ6JefmWd9OV
yjKg82Amv3B3Tx8ux+mf3S89YzCkUIKB+B8neVRFGVwPnteZSXdJtfZ30Hs=
-----END RSA PRIVATE KEY-----

the MD5 is now the same but still the same error

@Galax
Dude, you didn’t post the full key. Did you?

DON’T post the full key. I mean

Ok maybe you’re right, I have 2 weeks ahead me to build a complete project and find a way to secure my http request, so I’m stressed and confuse :confused: I have to find a quick and easy library as soon as possible, do you have a recommendation ?

Not the full (meaning of “…”) but i can cut more

Hi,

(As I still don’t know what happens…)
Do you want to try to issue another tls certificate and see if that works? (Maybe this key has some trouble)

Thank you

Three quick notes:

(1) Posting part of a private key is still a problem, both because the privkey.pem stores multiple secrets, any one of which may be enough to compromise the key, and because Nadia Heninger has devised mathematical techniques for reconstructing a full private RSA key from a partial key.

(2) As @jared.m notes, implementing your own cryptosystem from scratch is not a recipe for good security. There are tons of pitfalls that are not at all obvious. The "Cryptopals" series of challenges highlights this by having you break realistic encryption implementations because of extraordinarily subtle flaws.

(3) I think we still haven't understood what you're looking to accomplish and why. If you want to protect network connections over the Internet, you can use the existing TLS implementations on your system with your Let's Encrypt certificate and you don't have to write any of your own encryption code. If you want to protect some other information in some other way, as @jared.m said, there's no need to use Let's Encrypt at all.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.