On Mon, Dec 15, 2003 at 09:01:14AM +0100, Andreas Aardal Hanssen wrote: > >I wonder how you get it to work without removing the password from the > >key. > > ...By not creating a password in the first place. When openssl asks for > it, hitting enter will create a key with no password.
Are you quite sure of this? When running openssl genrsa, if one passes -des or -des3 or -idea, (my) openssl wont give up until you type at least four characters of passphrase. The same happens when I run openssl req -newkey rsa:1024 -keyout key -new -out req.. I either have to specify -nodes, or by running openssl genrsa 1024 -out key specifically without -des, -des3 or -idea. This entire thing should probably be added to the SSL stuff on LWBI.. I thought about splitting DIYCA up into two - one part focusing on how to make the CA, the other part on how to use the (maybe any?) CA with Binc. //Peter
