Problem with Asymetric, two-key encryption and Certificate Requests.

A Z poweruserm at
Mon Sep 19 01:32:40 UTC 2022

A#) openssl req -x509 -nodes -newkey rsa:4096 -keyout private.key -out public.key

B#) openssl smime -encrypt -binary -aes-256-cbc -in message.txt -out encrypted.dat -outform DER public.key

C#) openssl smime -decrypt -in encrypted.dat -binary -inform DEM -inkey private.key -out decrypted.txt

How can I complete step A#), so that step B#)  will work, without involving a Certificate Request, which requires
a non-blank two digit nation code,

'You can set an empty issuer/subject DN, or use "-keyid" to avoid copying
these into the CMS message.'

Can someone please update my included A#), B#) or C#) instructions, included above here, to acheive
this suggestion, so that no certificate information is put into 'encrypted.dat', including the nation,
so that 'encrypted.dat' includes no plain text whatsoever, and so that A#) + B#) + C#) all work
as desired, for small, medium and large files, of 'message.txt'?  I am struggling to correct what I
have done so far, so that there are no errors, and so that all the steps work: (generation of a private and public key,
encryption of the file, and decrypt of the file).  ?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the openssl-users mailing list