I know this is probably a bad question but I am so confused. I have a tls certificate and a tls key file, tls.crt and tls.key. I think I'm supposed to convert them into a public and private key, relatively, in order to use openssl.
side note: Am I approaching this wrong? Is there some TLS application to encrypt/decrypt?
To convert the public key, I use
$ openssl x509 -pubkey tls.crt -noout > pubkey
This created a public key that I was able to encrypt a message file with by doing
$ opensssl rsautl -encrypt -inkey pubkey -pubin -in <message file> -out <encrypted output>
I have successfully encrypted the file but now I don't know how to decrypt it. I don't know how to convert my private key (tls.key) into an ssl private key. This is what stumps me. Shouldn't I be doing some tls encryption/decryption? If not, and I am supposed to be using openssl, how should I convert tls.key into a private key usable by openssl rsautl -decrypt?
tl;dr: The key file is the key file you want. No conversion should be required.
The trick here is in the following question: "What is a certificate?" The answer is that it is a signed public key that goes along with a secure private key. It (usually) gets signed by a CA ("Certificatation Authority").
The basic process is:
So, you took your own public key from the certificate. The private key (tls.key) should be the key file you created in the first step - just use it on your encrypted data.