On Fri May 20 10:26:56 2016, slimshady...@gmail.com wrote: > > I'm glad I was able to get the desired result with the workaround, but > the > pkcs8 command does not work as advertised. I tried it with encrypted > keys and > got the same result that way as well.
The bug is in the documentation. The pkcs8 command writes private keys with PEM_write_bio_PrivateKey() which used to use "traditional" format. Tthat function got updated to use the more secure PKCS#8 encrypted format but the documentation wasn't fixed to reflect that and there was no equivalent to PEM_write_bio_PrivateKey() which used traditional format. The master branch has a fix for this: the pkcs8 and the pkey commands now have a -traditional command line switch which forces traditional format. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4544 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev