OpenSSL Generating a Private Key: Difference between revisions

Revision as of 19:14, 12 February 2013

Generate the private key using openssl.
1. To Generate a private key with a pass phrase.
  1. # openssl genrsa -des3 -out <key_name>_passphrase.key 1024
  2. Enter a pass phrase for the key.
  3. Create a copy of the key with no pass phrase.
    1. # cp <key_name>_passphrase.key <key_name>_nopassphrase.key
    2. # openssl rsa -in <key_name>_nopassphrase.key -out <key_name>.key
  4. Verify the checksum of the key, this will be used to verify the CSR and the self signed certificate.
    1. # openssl rsa -noout -modulus -in <key_name>.key | openssl md5
2. To Generate a private key without a pass phrase
  1. # openssl genrsa -out <key_name>_passphrase.key 1024
Verify the checksum of the key, this will be used to verify the CSR and the self signed certificate.
1. # openssl rsa -noout -modulus -in <key_name>.key | openssl md5
At this point, create a backup of all of the keys on separate media.
For use in Apache, use the SSL key with no pass phrase to generate any CSRs.

@@ Line 12: / Line 12: @@
 ## To Generate a private key without a pass phrase
 ### <tt>'''# openssl genrsa -out <key_name>_passphrase.key 1024'''</tt>
-# Create a copy of the key with no pass phrase.
-## <tt>'''# cp <key_name>_passphrase.key <key_name>_nopassphrase.key'''</tt>
-## <tt>'''# openssl rsa -in <key_name>_nopassphrase.key -out <key_name>.key'''</tt>
 # Verify the checksum of the key, this will be used to verify the CSR and the self signed certificate.
 ## <tt>'''# openssl rsa -noout -modulus -in <key_name>.key | openssl md5'''</tt>
-# At this point, create a backup of the '''<key_name>_passphrase.key''' and '''<key_name>.key''' on separate media.
+# At this point, create a backup of all of the keys on separate media.
 # For use in Apache, use the SSL key with no pass phrase to generate any CSRs.