[openssl-users] Certificate for RSA 2048 key says 2058
Ken Goldman
kgoldman at us.ibm.com
Thu Dec 14 18:11:21 UTC 2017
I generate a key and self signed certificate like this:
> openssl genrsa -out cakey.pem -aes256 -passout pass:rrrr 2048
> openssl req -new -x509 -key cakey.pem -out cacert.pem -days 3650
When I dump the certificate, I see
....
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2058 bit)
Modulus:
02:b1:4c:dd:59:4d:72:8d:93:4b:e5:07:89:53:f7:
....
Why 2058 - 10 extra bits? I know that, at times, ASN.1 DER needs an
extra byte to make a number positive, but 10 bits?
More information about the openssl-users
mailing list