Manualshelf

OpenSSL A.00.09.08w.001, A.00.09.08w.002, and A.00.09.08w.003 Release Notes (5900-2311, May 2012)

ManualsBrandsHP ManualsSoftwareHP-UX OpenSSL Software
11121314151617181920
Table 9 The Openssl command-line options (continued)
DescriptionOption Name
X.509 certificate verificationverify
X.509 certificate data managementx509
For more information on openssl command-line options, refer to openssl(1).
Using Openssl
This section explains the use of the openssl command-line tool with examples. For more
information, see the openssl(1) manpage.
Creating an RSA key
Following is the syntax to create an RSA public and private key pair:
# openssl genrsa -out <filename> <bits>
Where:
<bits> Specifies the size of the key.
<filename> Specifies the file name where the key must be stored.
To create an RSA public and private key pair, use the following command:
# openssl genrsa -out <filename> <bits>
Where:
<bits> Specifies the size of the key.
<filename> Specifies the file name for storing the key pair.
For example: # openssl genrsa -out key.pem 1024
This command creates a 1024-bit key pair and stores it in the file key.pem. The <bits> parameter
is optional. The default key size is 512 bits.
Creating a password-protected RSA key pair
Following is the syntax to create a password-protected private RSA key pair:
# openssl genrsa -<encryption-algorithm> -out <filename> <bits>
Where:
<encryption-algorithm> specifies the algorithm to be used for encrypting the private
key (using a password supplied by the user).
<filename> specifies the file name for storing the key pair.
<bits> specifies the key size.
For example: # openssl genrsa -des3 -out key.pem 1024.
This command creates a 3DES-encrypted 1024-bit key pair stored in the file key.txt. The
encryption is done using the pass phrase supplied by the user.
Viewing an RSA key pair
Following is the syntax to view an RSA key pair:
# openssl rsa -in <filename> -noout -text
For example: # openssl genrsa -des3 -out key.pem 1024.
This command displays the modulus, exponent, and prime key values of the key pair stored in the
key.pem file. If the key pair stored in key.pem is encrypted, then this commands prompts the
user for the pass phrase.
20 OpenSSL A.00.09.08w.001, A.00.09.08w.002, and A.00.09.08w.003