From 6b584b62e3fcb447a6ea66bef75a0a6959528a6f Mon Sep 17 00:00:00 2001
From: Romain Dessort <rdessort@evolix.fr>
Date: Wed, 16 Oct 2013 16:44:34 +0200
Subject: [PATCH] Fix a bug with private key encryption.

openssl req does not have to generate a private key (which is not encrypted,
even if the user wants to) while key is already generated right before.
---
 shellpki.sh | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/shellpki.sh b/shellpki.sh
index 5b97327..62fba37 100755
--- a/shellpki.sh
+++ b/shellpki.sh
@@ -71,11 +71,9 @@ fi
 
 # generate csr req
 $OPENSSL req 		\
-    -new -days 1000 	\
-    -config $CONFFILE 	\
-    -newkey rsa:2048 	\
-    -nodes 		\
-    -keyout $DIR/$cn.key \
+    -new            	\
+    -key $DIR/$cn.key   \
+    -config $CONFFILE   \
     -out $DIR/$cn.csr
 
 # ca sign and generate cert