Hello team,

Environment: webMethods 7.1.2

We are in the process of migrating webMethods 7.1.2 to a different integration tool. And one of the effort in it is to move webM enterprise private and public certs(for AS2) to this new tool.
I was able to provide webM used certs but in the new tool when importing a private key/cert there is a mandatory option called ‘password used to encrypt private key’. And this is something we are struck at…
I am not very familiar with cert creation process…but in going thru the documentation(webMethods cert toolkit), under ‘create private key’ I don’t see an option of passing in password, there is a password option when creating CSR, but as per the doc this is only used for revocation and not for any sort of encryption.

So help me here guys...whats a private key password and how do I find it? Is there an openssl command that I can use to extract password from the key(if password is in the key)

Thank you,
Anil

pass phrase (or passwords) is used to create private key and this key is used to generate CSR. there is no way to recover the password from key (mostly encrypted with 3-des).
if you are using un-encrypted key then pass phrase is not required. there is way to remove the pass phrase from private key using openssl (i think pass phrase is required to do that).

Thank you for the response.

When creating private key using webM cert tool kit. Is there an option to generate key using pass phrase(i.e. encrypted). I don’t see that option but just want to make sure

Also noticed that in TN–>extended field–> encrypt/decrypt, there isn’t an option to define a password/pass phrase when importing private key. Does that mean webM only accepts un-encrypted private key?.
And say if there is an encrypted private key does it need to be un-encrypted(i.e. use openssl and strip the pass phrase out) before defining in webM?

i have not used wm certificate tool kit; however, if there is no option to enter passphrase while generating private key then the generated private key is not encrypted and no passphrase required. In this case servers will not require passphrase while using the private key (or leave the password empty ??).

Thank you Deepan. Seems like this is our case- Private key not encrypted.

Also I am thinking webM only accepts private key that is not encrypted. I created a new key pairs(with private key enc) using different utility and webMethods wasn’t able to import the private key until I used openssl and rip pass phrase off.

Thank u,
Anil