Anyone?
On Wed, Jul 26, 2017 at 9:21 PM, Michele Mase' <michele.mase@xxxxxxxxx> wrote:
Michele MAsèopenssl req -nodes -newkey rsa:2048 some_extra_parameters ....openssl genrsa ....Tx.So, what should be the command line to use in order to obtain the same key?On Wed, Jul 26, 2017 at 6:29 PM, Benjamin Kaduk <bkaduk@xxxxxxxxxx> wrote:On 07/26/2017 10:13 AM, Michele Mase' wrote:
Any suggestion?Why?The command "c" against example.key generate by the command "b" produces the same file. No differences.diff example.key example2.key, the files are different.The command "c" against the example.key generated by command "a", gives the same private key with different content between --BEGIN RSA and --END RSA. Simply, try the following:To remove the passphrase from private key, I use theBoth commands give me a private key without password, a key that is not encrypted.Command "a": openssl req -nodes -newkey rsa:2048 -keyout example.key -out example.csr -subj "/C=GB/ST=London/L=London/O=GlDuring the generation of x509 certificates, both commands give the same results:
obal Security/OU=IT Department/CN=example.com"
Command "b": openssl genrsa -out example.key
Command "c":openssl rsa -in example.key -out example2.key
Perhaps I missed something in openssl manual ... :(These differenced gave me troubles using custom certificates in some software.
The output from openssl req includes an additional layer of encoding and the rsaEncryption OID around the actual key parameters, as can be seen using openssl asn1parse. The conversion with 'openssl rsa' removes that extra encoding.
-Ben
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
