How to extract RSA keys from Apache I am testing some old vulnerabilities related to SSL/TLS, and would like to know how to extract temporary RSA keys from Apache. The particular vulnerability I am testing is the FREA...--prophetes.ai

How to extract RSA keys from Apache I am testing some old vulnerabilities related to SSL/TLS, and would like to know how to extract temporary RSA keys from Apache. The particular vulnerability I am testing is the FREAK attack. I understand that a 512-bit RSA export key is generated when Apache is started, but I have not been able to identify where the private key is stored. I can identify the public key by simply running a tcpdump and observing the Server Key Exchange message; though I wonder if there's an easier way to do this. Ideally I'd like to be able to extract all of the values input to generate the public/private key pair also. What is the best way to achieve this?

I was able to do the above with a tool named passe-partout. See the answer posted by Nathan Osman for further details here <