[Pkg-openssl-devel] Bug#739960: openssl req creates PEM key file in semi-unsupported format
Alastair Irvine
alastair at plug.org.au
Mon Feb 24 11:56:36 UTC 2014
Package: openssl
Version: 1.0.1-4ubuntu5.8
Severity: important
Dear Maintainer,
The OpenSSL 1.0 change log has the following:
Make PKCS#8 the default write format for private keys, replacing the
traditional format. This form is standardised, more secure and
doesn't include an implicit MD5 dependency. [Steve Henson]
However, PKCS#8 is not yet widely supported.
I suggest a -pemtype option that causes the PKCS#1 format to be used
instead when providing the -newkey option to "openssl req".
-- System Information:
Debian Release: wheezy/sid
APT prefers precise-updates
APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 'precise')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-36-virtual (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages openssl depends on:
ii libc6 2.15-0ubuntu10.3
ii libssl1.0.0 1.0.1-4ubuntu5.8
openssl recommends no packages.
Versions of packages openssl suggests:
ii ca-certificates 20111211
-- no debconf information
More information about the Pkg-openssl-devel
mailing list