[openssl-users] Problem with DER private key file into openssl ca

Robert Moskowitz rgm at htt-consult.com
Mon Aug 21 19:50:55 UTC 2017

On 08/21/2017 01:41 PM, Jeffrey Walton wrote:
>> openssl req -outform $format -config $cadir/openssl-root.cnf -set_serial
>> 0x$(openssl rand -hex $sn)\
>>        -inform $format -key private/ca.key.$format -subj "$DN"\
>>        -new -x509 -days 7300 -sha256 -extensions v3_ca -out
>> certs/ca.cert.$format
>> unable to load Private Key
>> 140492430772088:error:0906D06C:PEM routines:PEM_read_bio:no start
>> line:pem_lib.c:707:Expecting: ANY PRIVATE KEY
>> How do I tell it that the private key is DER?
> -inform is used to specify the encoding. You can find the man pages at
> https://www.openssl.org/docs/man1.0.2/apps/. You want the req.html.

And the proper argument is:



This is sooooo much fun.  Sigh.


More information about the openssl-users mailing list