OpenSSL: Handbook says "send *private* key to CA" ??
Brett Schroeder
brett at brettschroeder.name
Sat May 14 04:31:07 UTC 2005
Ceri Davies wrote:
>
> On 10 May 2005, at 06:11, Brett Schroeder wrote:
>
>> # openssl req -new -nodes -out req.pem -keyout cert.pem
>>
>> and then a few lines later the text says
>>
>> "A cert.pem file should now exist in the directory which the
>> aforementioned command was issued. This is the certificate which may be
>> sent to any CA for signing."
>>
>>> From the "openssl req" man page
>>
>>
>> -keyout filename
>> this gives the filename to write the newly created private
>> key to.
>> If this option is not specified then the filename present
>> in the
>> configuration file is used.
>>
>> Thoughts?
>
>
> [Liberal snippage in the above]
>
> Hi Brett,
>
> You're quite right about this; how do you find the attached diff?
>
> Ceri
Ceri,
Looks good. You gonna submit it?
Brett
More information about the freebsd-doc
mailing list