In message <CANtcRX4xLxcOVa0iszyo4RLBuFxa7BenA2OZw9QA-KP-=BAzpQ@xxxxxxxxxxxxxx> on Tue, 16 Oct 2018 10:34:31 +0200, Peter Magnusson <blaufish.public.email@xxxxxxxxx> said: > Sorry, I am an idiot =) No you're not. > Problem resolved, user error. -key was the problem and should not be > used as I showed. > > -key has a different meaning for openssl ca than for openssl req, so > my PIN was my -key argument. It got my keyfile from the openssl conf > file. And this is precisely why you're not an idiot. We're not consistent between openssl sub-commands, so no wonder you get confused. It's a pattern thing, we catch on to similar patterns (such as option names). We really should look over those options... (but with all the other stuff we have going on, I'm afraid this isn't the highest on our priority list) Cheers, Richard -- Richard Levitte levitte@xxxxxxxxxxx OpenSSL Project http://www.openssl.org/~levitte/ -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
