2011/12/16 Yang Chun-Kai <waitmefore...@hotmail.com>: > 1. If I use "openssl genrsa -out my_private_key.key 2048" this command then > I will get the encrypted private key or not encrypted key ? > > because I want to use python ssl module and heard python ssl lib not support > encrypted private key for sockets. Pyhon's SSL module has some serious problems. You might want to pick a different library. See, for example, http://bugs.python.org/issue1589: "Unfortunately, hostname matching is one of those ideas that seemed better when it was thought up than it actually proved to be in practice."
> 2. If I use encrypted key and .crs file to generate a certificate then will > certificate be different from being generated with not encrypted key ? I don't believe so (other than encryption). > 3. " openssl genrsa -des3 -out my_private_key.key 2048" this command will > generate a private as well, and more it will ask for password, > > and what is so differen with "-des3" parameter? http://www.openssl.org/docs/apps/req.html > > 4. How to generate the key and certificate in "PEM format"? Also heard > python ssl lib need private key and certificate in PEM f ormat. See -outform. Jeff ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
