Add -nodes to your command line.
-----Original Message----- hi everybody, I did this command: openssl req -newkey rsa:1024 -keyout testkey.pem -keyform PEM -out testreq.pem to create a pair of private key (testkey.pem) and a request certificate (testreq.pem). I read in book "Network Security with Openssl", it said that the gerenated rsa private key will be unencrypted by default. But with above command my testkey is encrypted with DES: -----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,D281965217BDE6FC JgoCOeNB6b1pLxdSM58A895HJfwuCNr0GEs6MC9qZil4Otxi8IHFC2lh1UUik6f2 NWPE7+PD+hBKE/lxwr3U1rmHl7xx4GNJDF2ZoLxlbNFVfLSJj5zckDJQWQDkqxUD Wd4IpUl5npxoBU5lhmCF3m4exgcZ/WXqTGB+fzB4MXGep1cg32UTX9A4Qz4a1JJ+ yc44XAw47Vu6gpZF/88WFlkEnABdNvEAucA1s9YQNqLAETK3gwXait1TA7TzUJlo 4zc4Cwl2Lx8b0Nn6OC/6m58vwVYVzEQbWSkWKHRVon/a7O9dyyivQnKbOtQH2WoP hfolz/QiXrWQfWkWJ+oNFKtraMdLxjLhsOaqOG8mc1m/a3wBeI5tfCDDwGuPXnZg K7GAPbET9R4mMKX68jWjSy7aT9M5Mp51WfMDePje/pfzJgI3Afem+eq3zrbIa0Ic CUaJm8q9X/HoEPJtFOlpM772rBwzOJBRVGi3qro8FzRmTvyE4TKgvg+FnWo3Lw80 t1v39AFR1eFyz9MNAxlHOV/G751ZtO1ixd7wbNDcQNEXO5OkKhYtJgMVArLJQxfr MgVCmSB0w0cVSenMR4JzRWunQs1n8OLLZdRRvILo/XIdH0utbQjRMlpfmz71n0J/ 7306SZZwUIj/zqjJzJuyXYN5GlWfJwe4YC9yD0ToLlOaiGX+4tOg0Fcqq3D53WB5 CTo7DUYNkuJDYI+ILF4IbWTcpyxo23P5UcUsJwQdHdDsF8x91oe7M9f1ENKxQY9a MFyeCLUkmmfCm0FwXXaa/ZquLotmDWgnJWxgF4tJlFknXdd3SNBa/A== -----END RSA PRIVATE KEY----- Do anyone know with which option the command "openssl req -newkey rsa ..." generates rsa key without encryption? thanks, M. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
