Timo Gerke wrote: Hello,
> Hi all, > > I'm new to this list, so I hope this report can help you to figure out > my problem. > > when I generate a private key (DSA) with certtool, e. g. > certtool -p --dsa --pkcs-cipher aes-256 --outfile privkey.pem > The key won't get encyrpted. This correct. The default output format is not pkcs8 and thus the --pkcs-cipher is ignored. > If I use > certtool -p --pkcs8 --dsa --pkcs-cipher aes-256 --outfile privkey.pem > I get following output: This is the correct command. It seems you uncovered a bug and when generating a key with the --pkcs8 parameter it always uses 3des. To avoid that generate the key as you did in the first case and then convert it to pkcs8 format using /certtool -k --to-p8 --pkcs-cipher aes-128 --load-privkey privkey.pem > output.p8 I've fixed the problem in the git repository. regards, Nikos _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
