OpenSSL: Handbook says "send *private* key to CA" ??
Ceri Davies
ceri at submonkey.net
Fri May 13 18:41:01 UTC 2005
On 10 May 2005, at 06:11, Brett Schroeder wrote:
> # openssl req -new -nodes -out req.pem -keyout cert.pem
>
> and then a few lines later the text says
>
> "A cert.pem file should now exist in the directory which the
> aforementioned command was issued. This is the certificate which may be
> sent to any CA for signing."
>
>> From the "openssl req" man page
>
> -keyout filename
> this gives the filename to write the newly created private
> key to.
> If this option is not specified then the filename present
> in the
> configuration file is used.
>
> Thoughts?
[Liberal snippage in the above]
Hi Brett,
You're quite right about this; how do you find the attached diff?
Ceri
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ca.diff
Type: application/octet-stream
Size: 1378 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-doc/attachments/20050513/1d77eafa/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
URL: <http://lists.freebsd.org/pipermail/freebsd-doc/attachments/20050513/1d77eafa/attachment.sig>
More information about the freebsd-doc
mailing list