Bug 1478259 - genpkey man page should state default format
genpkey man page should state default format
Product: Fedora
Classification: Fedora
Component: openssl (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Tomas Mraz
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2017-08-04 02:51 EDT by Stephen Wadeley
Modified: 2017-08-17 09:10 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2017-08-08 15:51:54 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Stephen Wadeley 2017-08-04 02:51:08 EDT
Description of problem:

The genpkey(1) man page does not state what the default format is.

Version-Release number of selected component (if applicable):
~]$ rpm -q openssl

How reproducible:

Steps to Reproduce:
1. man genpkey
2. /outform

Actual results:

       -outform DER|PEM
           This specifies the output format DER or PEM.

Expected results:

       -outform DER|PEM
           This specifies the output format DER or PEM. The default is PEM.

Additional info:
Comment 1 Stephen Wadeley 2017-08-04 03:34:50 EDT

I came to the genpkey man page because the openssl man page has this line:

       genrsa    Generation of RSA Private Key. Superceded by genpkey.

But now I see the genrsa(1) page does not mention that it has been superseded.

I am also now confused because this command works:

openssl genrsa -out test1/my_cert_key1 4096

but this command does not work:

openssl genpkey -out test2/my_cert_key2 4096

So superseded does not mean drop-in replacement. Is my comment 0 then wrong?

Thnak you
Comment 2 Tomas Mraz 2017-08-07 08:35:31 EDT
genpkey is not a drop-in replacement of genrsa however it supports all its functionality and more.

Unfortunately the command options need to be modified to work with genpkey instead of genrsa. See the manual page of genpkey:

openssl genpkey -algorithm RSA -out key.pem -pkeyopt rsa_keygen_bits:4096

would be the replacement of your command.
Comment 3 Fedora End Of Life 2017-08-08 15:51:54 EDT
Fedora 24 changed to end-of-life (EOL) status on 2017-08-08. Fedora 24 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this

Thank you for reporting this bug and we are sorry it could not be fixed.
Comment 4 Tomas Mraz 2017-08-17 09:01:13 EDT
This is fixed in upstream git.
Comment 5 Stephen Wadeley 2017-08-17 09:10:28 EDT
thank you

Note You need to log in before you can comment on or make changes to this bug.