> Date: Fri, 16 Dec 2011 14:52:27 -0500
> Subject: Re: Generate private key problems
> From: noloa...@gmail.com
> To: openssl-users@openssl.org
>
> 2011/12/16 Yang Chun-Kai <waitmefore...@hotmail.com>:
> > 1. If I use "openssl genrsa -out my_private_key.key 2048" this command then
> > I will get the encrypted private key or not encrypted key ?
> >
> > because I want to use python ssl module and heard python ssl lib not support
> > encrypted private key for sockets.
> Pyhon's SSL module has some serious problems. You might want to pick a
> different library. See, for example, http://bugs.python.org/issue1589:
> "Unfortunately, hostname matching is one of those ideas that seemed
> better when it was thought up than it actually proved to be in
> practice."
>
> > 2. If I use encrypted key and .crs file to generate a certificate then will
> > certificate be different from being generated with not encrypted key ?
> I don't believe so (other than encryption).
>
> > 3. " openssl genrsa -des3 -out my_private_key.key 2048" this command will
> > generate a private as well, and more it will ask for password,
> >
> > and what is so differen with "-des3" parameter?
> http://www.openssl.org/docs/apps/req.html
>>> >>>Ok, so not with -des/des3 I will get a not encrypted private key.
> >
> > 4. How to generate the key and certificate in "PEM format"? Also heard
> > python ssl lib need private key and certificate in PEM f ormat.
> See -outform.>>>>>>I checked the manual "openssl genrsa" command not with
> "-outform PEM" option, then how can I do this ?
>>>Maybe transform it with "pkey command" ? >>>>>>Kay
> Jeff
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager majord...@openssl.org
