Categories
- All Categories
- 75 Oracle Analytics News
- 7 Oracle Analytics Videos
- 14K Oracle Analytics Forums
- 5.2K Oracle Analytics Idea Labs
- Oracle Analytics User Groups
- 40 Oracle Analytics Trainings
- 60 Oracle Analytics Data Visualizations
- 2 Oracle Analytics Data Visualizations Challenge
- 3 Oracle Analytics Career
- 4 Oracle Analytics Industry
- Find Partners
- For Partners
Unable to convert RSA Private key to PKCS #1 standard using OCI Cloud shell
Hi,
To switch FAW Authentication method to JWT, I tried to create RSA keys using openssl command in OCI Cloud Shell .
I am able to create RSA private key in PKCS#8 format but not in PKCS#1 format which is required for FA authentication.
I don't know the exact reason, but none of the openssl conversion Command from pkcs8 to pkcs1 worked. Can anyone help on this?
Blog referred : https://blogs.oracle.com/analytics/post/using-jwt-token-with-faw
Thank you
Answers
-
OpenSSL 1.0.2k-fipsOpenSSL 1.0.2k-fips - this is the version in OCI
0 -
Hi User_U2DLO,
Please refer to following KM for additional details / steps :
JWT Based Authentication Test Connection Fails If RSA Private Key generated on Windows & Ubuntu Platforms Using OpenSSL (Doc ID 2947305.1)
Thank you
0 -
Hi Rajesh L-Oracle,
I would like to know about JWT authentication method as I need to provision FAW for a customer.
Can we generate RSA private key in PKCS#1 format which is required for FA authentication from fusion application itself via security console.
which options we need to choose to generate these key pair. Can you please guide me here ?
Thank you
0 -
@Ankur Jain--Oracle yes you can use RSA private key in PKCS#1 format please ensure the RSA private key complies with the PKCS #1 standard. Oracle Fusion Cloud Applications Java Web Tokens require this standard. A PKCS#1 private key contains "BEGIN RSA PRIVATE KEY" in the first line. Use 4096 as the value for the last (numbits) parameter in the RSA private key command. This parameter controls the size of the private key in bits. Values less than 2048 are not supported. Values less than 512 are not allowed. Ensure the certificate does not contain carriage-return characters. Oracle Fusion Cloud Applications does not support the carriage-return character, only the line-feed / new-line character. "The key is using the PKCS #1 standard" is displayed if the PKCS #1 standard is used. "The key is not using the PKCS #1 standard" is displayed if it is not. If the key is using the PKCS #1 Standard, the command creates the public key certificate. Upload public key to FA first, wait for 15 minutes and then upload private and public keys in FAW Instance details page --> Fusion Connection Details --> JWT Based Authentication page and test the connection. thank you - Rajesh L
0 -
Thanks @Rajesh L-Oracle.
Actually I am looking for steps like how to generate these keys using cloud SSL tool.
one of the CEAL session they explained that we need to open cloud SSL terminal but what is the path for this.
I have downloaded openssl-3.1.2 tool but after that I need to first find out terminal file path
Regards,
Ankur
0 -
@Ankur Jain--Oracle following link has detils on using cloud shell - in your tenancy top right corner next to tenancy name you will see a shell icon like [<>] click on that to launch cloud shell
documentation on using cloud shell
https://docs.oracle.com/en-us/iaas/Content/API/Concepts/cloudshellintro.htm
1 -
Thanks @Rajesh L-Oracle. I will check this out.
0 -
Also tried to use the Cloud Shell to generate the key pair. The command provided in documentation generates the private.key in the wrong version. The Cloud Shell OpenSSL command does not accept the -traditional option.
Tried this
openssl genrsa -traditional -out private.key 4096
And it throws usage info for the command.
So to the original question, is there any way to generate the private.key in PKCS #1 format on the Cloud Shell?
0
