Bernhard Froehlich wrote: >> one silly question: if I generate a request with >> openssl req -new -keyout mykey.pem -out myreq.pem 265 >> the private key in mykey.pem is encrypted or not? >> > Since my openssl asks me for a password when using "openssl req -new -keyout > mykey.pem -out myreq.pem", I'd think the key is encrypted. Maybe your openssl.conf > can influence that. If you want to be sure the key is unencrypted use the option > "-nodes". >
Sure, but the story is a little bit more complicated. I have some systems running standalone, and far from here. I want to control them using VNC and encrypting the traffic between me and the systems. Those systems are accessible also to other people, so if I install a certificate with unencrypted private key, encrypting is useless, since a thirty part has private key too. BTW, my doubt is: under pcAnywhere and apache I issue certificates with private key taht, AFAIK, should be RSA encrypted, and I supply a password for the pem I generate with openssl req. Therefore how pcAnywhere and apache handle this situation, since they both DON'T ask me for any password? Ciao ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
