Red Hat Bugzilla – Bug 1478259
genpkey man page should state default format
Last modified: 2017-08-17 09:10:28 EDT
Description of problem:
The genpkey(1) man page does not state what the default format is.
Version-Release number of selected component (if applicable):
~]$ rpm -q openssl
Steps to Reproduce:
1. man genpkey
This specifies the output format DER or PEM.
This specifies the output format DER or PEM. The default is PEM.
I came to the genpkey man page because the openssl man page has this line:
genrsa Generation of RSA Private Key. Superceded by genpkey.
But now I see the genrsa(1) page does not mention that it has been superseded.
I am also now confused because this command works:
openssl genrsa -out test1/my_cert_key1 4096
but this command does not work:
openssl genpkey -out test2/my_cert_key2 4096
So superseded does not mean drop-in replacement. Is my comment 0 then wrong?
genpkey is not a drop-in replacement of genrsa however it supports all its functionality and more.
Unfortunately the command options need to be modified to work with genpkey instead of genrsa. See the manual page of genpkey:
openssl genpkey -algorithm RSA -out key.pem -pkeyopt rsa_keygen_bits:4096
would be the replacement of your command.
Fedora 24 changed to end-of-life (EOL) status on 2017-08-08. Fedora 24 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.
If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
Thank you for reporting this bug and we are sorry it could not be fixed.
This is fixed in upstream git.