Layer7 API Management

 I have a RSA public key I am supposed to use to encrypt a string but I don't see any options allowing me to do so. The Asymmetric key encrypt/decrypt assertion supports certificates but not public keys. Any insights will be appreciated. Thanks

Hello tonyogidi ,

I maybe misunderstand it, but public key is a certificate...

Import your public key on Manage Certificates task of policy manager, then you should be able to use it in Asymmetric key encrypt/decrypt assertion.

Regards,

Mark

Hey Mark

The RSA key pair is not a public certificate in this case.I tried importing but it fails. I see similar communities ticket but it looks like the user ends up generating the key pair through online free tools and not through the gateway. Here is a similar case RSA key signature . I am able to generate key pairs with http://travistidwell.com/jsencrypt/demo/  but not able to use the keys generated to encrypt/decrypt strings.

Thanks

Hello Tony,

Most of our encryption assertions want the public key in the x509 certificate format. I believe you can convert your RSA public key with the following command:

openssl req -x509 -in rsa_public.pem -nodes -days 365 -newkey rsa:2048 -out x509_public.pem

The x509_public.pem certificate will be a RSA public key with the same modulus as the rsa_public.pem, so I believe they should be interchangeable for encryption, though I may be wrong.

Regards,

Ben

Hello,

Did this method work? Having a similar requirement but unable to use the asymmetric encryption assertion because the public key is not a certificate and can't be imported to the gateway's manage certificates.

Hi,

This method doesn't work, unfortunately!. Does someone have some ideas or workaround to achieve this?