Closed TinCanTech closed 4 months ago
OpenSSL command 'req', option '-keyout' behaves differently between OpenSSL v3.x verses v1.x
When the private key is encrypted:
v3.x creates the original key, encrypted by AES-256-CBC; then creates the unnecessary, secondary key, encrypted by DES-EDE3-CBC.
Because EasyRSA has already generated the private key, the 'req' command must not generate a secondary key.
OpenSSL command 'req', option '-keyout' behaves differently between OpenSSL v3.x verses v1.x
When the private key is encrypted:
v3.x creates the original key, encrypted by AES-256-CBC; then creates the unnecessary, secondary key, encrypted by DES-EDE3-CBC.
Because EasyRSA has already generated the private key, the 'req' command must not generate a secondary key.