[openssl-users] Not getting "RSA" keyword for a key in fips mode
Dr. Stephen Henson
steve at openssl.org
Thu Jun 11 13:57:47 UTC 2015
On Thu, Jun 11, 2015, Gayathri Manoj wrote:
> Hi All,
> I am trying to create a pem format key for my existing key by using the
> below command.
> openssl rsa -in my_rsa_key -outform PEM -out my_res_newkey_pem
> The new key format is -----BEGIN PRIVATE KEY-----.
> But I am expecting -----BEGIN RSA PRIVATE KEY-----
> In nonFIPS mode i am getting -----BEGIN RSA PRIVATE KEY----- as expected.
> My openssl version is OpenSSL 0.9.8zf-fips.
> Please let me know how can I generate the new key in BEGIN RSA PRIVATE KEY
You can't because the format isn't allowed in FIPS mode because it uses
MD5 for key derivation.
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
More information about the openssl-users