OpenSSL Generating a Private Key: Difference between revisions

Latest revision as of 19:21, 12 November 2020

Generate the private key using openssl.
1. To Generate a private key with a pass phrase.
  1. # openssl genrsa -des3 -out <key_name>_passphrase.key 2048
  2. Enter a pass phrase for the key.
  3. Create a copy of the key with no pass phrase.
    1. # cp <key_name>_passphrase.key <key_name>_nopassphrase.key
    2. # openssl rsa -in <key_name>_nopassphrase.key -out <key_name>.key
  4. Verify the checksum of the key, this will be used to verify the CSR and the self signed certificate.
    1. # openssl rsa -noout -modulus -in <key_name>.key | openssl md5
2. To Generate a private key without a pass phrase.
  1. # openssl genrsa -out <key_name>_nopassphrase.key 2048
Verify the checksum of the key, this will be used to verify the CSR and the self signed certificate.
1. # openssl rsa -noout -modulus -in <key_name>.key | openssl md5
At this point, create a backup of all of the keys on separate media.
For use in Apache, use the SSL key with no pass phrase to generate any CSRs.

@@ Line 11: / Line 11: @@
 #### <tt>'''# openssl rsa -noout -modulus -in <key_name>.key | openssl md5'''</tt>
 ## To Generate a private key without a pass phrase.
-### <tt>'''# openssl genrsa -out <key_name>_passphrase.key 2048'''</tt>
+### <tt>'''# openssl genrsa -out <key_name>_nopassphrase.key 2048'''</tt>
 # Verify the checksum of the key, this will be used to verify the CSR and the self signed certificate.
 ## <tt>'''# openssl rsa -noout -modulus -in <key_name>.key | openssl md5'''</tt>