[openssl-users] Not getting "RSA" keyword for a key in fips mode
Dr. Stephen Henson
steve at openssl.org
Thu Jun 11 13:57:47 UTC 2015
On Thu, Jun 11, 2015, Gayathri Manoj wrote:
> Hi All,
>
>
> I am trying to create a pem format key for my existing key by using the
> below command.
>
> openssl rsa -in my_rsa_key -outform PEM -out my_res_newkey_pem
>
> The new key format is -----BEGIN PRIVATE KEY-----.
> But I am expecting -----BEGIN RSA PRIVATE KEY-----
>
> In nonFIPS mode i am getting -----BEGIN RSA PRIVATE KEY----- as expected.
>
> My openssl version is OpenSSL 0.9.8zf-fips.
>
> Please let me know how can I generate the new key in BEGIN RSA PRIVATE KEY
> format.
>
You can't because the format isn't allowed in FIPS mode because it uses
MD5 for key derivation.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
More information about the openssl-users
mailing list