Bug 49421

Summary: openssl won't let you create certificate without a password
Product: [Retired] Red Hat Raw Hide Reporter: Jonathan Kamens <jik>
Component: opensslAssignee: Nalin Dahyabhai <nalin>
Status: CLOSED NOTABUG QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 1.0CC: djuran
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2001-07-19 13:40:28 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jonathan Kamens 2001-07-19 13:40:21 UTC 
/usr/bin/openssl won't let you create a certificate without a password (at
least not as far as I can tell).  That means that you can't create a test
certificate to install on your Web server which will allow the Web server
to come up with SSL enabled without stopping at boot time to prompt for a
password.  This is bad.
Comment 1 Nalin Dahyabhai 2001-08-08 19:33:25 UTC 
The default mode for the openssl "genrsa" command does not encrypt the key.
To prevent encryption when generating a key while generating a certificate using 
the "req" command, use the "-nodes" flag:
openssl req -new -newkey rsa:1024 -nodes -keyout /tmp/server.key -x509 -out
/tmp/server.crt -days 365