[Pkg-openssl-devel] Bug#915612: openssl: "genrsa" changed command line interface in stretch-security update
Manuel Montecelo
mmontecelo at sipwise.com
Wed Dec 5 10:09:25 GMT 2018
Package: openssl
Version: 1.1.0j-1~deb9u1
Severity: normal
Hi,
After this update to stretch-security:
Accepted openssl 1.1.0j-1~deb9u1 (source) into stable->embargoed, stable
the subcommand genrsa changed interface from its previous version, and does not
accept -config or -batch options anymore:
Extra arguments given.
genrsa: Use -help for summary.
I worked around the issue in other ways, and I know that "genpkey" is supposed
to supercede "genrsa", but this problem might affect scripts that the users
cannot easily change, and it's OK-ish for major versions but would be nice to
not affect systems with stable-security updates.
For reference, command that used to work:
openssl genrsa -out "${KEY_FILE}" 4096 -config "${CONFIG_FILE}" -batch
As a workaround with "genrsa":
OPENSSL_CONF="${CONFIG_FILE}" openssl genrsa -out "${KEY_FILE}" 4096
Cheers.
--
Manuel Montecelo <mmontecelo at sipwise.com>
More information about the Pkg-openssl-devel
mailing list