User Tools

Site Tools



This shows you the differences between two versions of the page.

Link to this comparison view

howtos:encrypt_a_private_key [d/m/Y H:i] (current)
Line 1: Line 1:
 +If you have a private key that is not encrypted (for example, it was created with the "​-nodes"​ command line option), you can encrypt the private key with a password. A typical openssl command and resulting interactive session is shown here:
 +    > openssl rsa -des3 -in hostkeyNOPASSWORD.pem -out hostkeySECURE.pem
 +    writing RSA key
 +    Enter PEM pass phrase:
 +    Verifying - Enter PEM pass phrase:
 +    >
 +Here's an explanation of the command line options:
 +    * -des3 - encrypt the private key with the triple DES cipher before outputting it. The passphrase you enter must be at least four characters long.
 +    * -in hostkeyNOPASSWORD.pem - read in the unencrypted private key from the file hostkeyNOPASSWORD.pem.
 +    * -out hostkeySECURE.pem - write out the encrypted private key to the file hostkeySECURE.pem.
howtos/encrypt_a_private_key.txt · Last modified: d/m/Y H:i (external edit)