Fix a bug with private key encryption.

openssl req does not have to generate a private key (which is not encrypted, even if the user wants to) while key is already generated right before.
2013-10-16 16:44:34 +02:00 · 2013-10-16 16:44:34 +02:00 · 6b584b62e3
parent a842d23d20
commit 6b584b62e3
1 changed files with 3 additions and 5 deletions
--- a/shellpki.sh
+++ b/shellpki.sh
@ -71,11 +71,9 @@ fi

 # generate csr req
 $OPENSSL req 		\
-    -new -days 1000 	\
-    -config $CONFFILE 	\
-    -newkey rsa:2048 	\
-    -nodes 		\
-    -keyout $DIR/$cn.key \
+    -new            	\
+    -key $DIR/$cn.key   \
+    -config $CONFFILE   \
    -out $DIR/$cn.csr

 # ca sign and generate cert