> From: Viktor Dukhovni
> >
> > In the script, I used this:
> >
> > openssl ec -aes128 -passout pass: -in tmpecprivkeydec.pem
> -out tmpecprivkey.pem
>
> I try to avoid putting sensitive information in command-line arguments.
>
> If you're using "bash" (which has "printf" as a built-in) yo
> On Mar 25, 2019, at 1:53 PM, Kenneth Goldman wrote:
>
>
> $ openssl ec -aes128 <
> This was the piece I was missing. Thanks.
>
> In the script, I used this:
>
> openssl ec -aes128 -passout pass: -in tmpecprivkeydec.pem -out
> tmpecprivkey.pem
I try to avoid putting sensitive
> From: Michael Wojcik
> Sent: Thursday, February 28, 2019 15:55
>
> Have you tried just changing the PEM header and footer? ...
Whoops. Just saw Viktor's response. Never mind.
--
Michael Wojcik
Distinguished Engineer, Micro Focus
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
> Ken Goldman
> Sent: Thursday, February 28, 2019 15:06
>
> I've been using this command to generate a password protected ECC keypair.
>
> openssl ecparam -name prime256v1 -genkey -noout | openssl pkey -aes256
> -passout
On Thu, Feb 28, 2019 at 03:05:43PM -0500, Ken Goldman wrote:
> The output is a
> -BEGIN ENCRYPTED PRIVATE KEY-
This is PKCS8, which is the non-legacy private key format that
should be used by modern libraries. This is for example output by:
$ openssl genpkey -algorithm ec -pkeyopt e
