I was evaluating openssl-1.0.0a and performed a PKCS12 conversion to PEM
using the following command:
openssl pkcs12 -in myfile.p12 -nodes -out myfile.pem
However, I noticed that in the resulting PEM file the preamble for the
resulting private key displayed "-----BEGIN PRIVATE KEY-----"
If I performed the same command using openssl-0.9.8k, the preamble for
the private key is displayed as "-----BEGIN RSA PRIVATE KEY-----" (which
is consistent with prior versions of openssl).
I also noticed that the extracted private key is different when I use
1.0.0a. It is smaller but the certificate extracted from the p12 file is
the same for both versions of openssl.
I believe this may be due to a FIPS flag, but I cannot confirm that in
reviewing the config files or code (but it may be there).
Does anybody know why the premable and private key is different when I
use 1.0.0a (it is causing me some import problems of the private key
with other software)?
Thanks,
Rick Robinson CISSP, ISSAP |
Senior Security Architect |
Distinguished Member of Technical Staff |
Technology, Strategy, and Development |
Avaya Inc. |
1300 West 120th Ave | B2-D31 | Westminster, CO 80234 |
Voice/Fax 303-538-0749 | [email protected] | PGP KeyID 0x0610169B |
A New Era of Intelligent Communications
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
