Menu
I wanted to confirm if we can create PKCS#1/traditional formatted RSA keys using version 3.0.0 of OpenSSL. I guess following command is giving me the output in PKCS#8 format. openssl genrsa -out server.key 2048
Thanks.
400
asked Oct 20 '25 04:10
Using OpenSSL 3.0, you can use the -traditional switch to get the older format for your output, both for the openssl rsa and openssl genrsa subcommands. Tested on Ubuntu 22.04.
101
answered Oct 24 '25 21:10
You can do this directly(PKCS#8):
openssl genpkey -out rsakey.pem -algorithm RSA -pkeyopt rsa_keygen_bits:2048
cat rsakey.pem
-----BEGIN PRIVATE KEY-----
base64_encode xxx
-----END PRIVATE KEY-----
openSSL 1.1.1(PKCS#1)
openssl genrsa -out server.key 2048
cat server.key
-----BEGIN RSA PRIVATE KEY-----
base64_encode xxx
-----END RSA PRIVATE KEY-----
openssl pkcs8 to pkcs1 command
openssl rsa -in rsakey.pem -out rsakey_pkcs1.pem
cat rsakey_pkcs1.pem
-----BEGIN RSA PRIVATE KEY-----
base64_encode xxx
-----END RSA PRIVATE KEY-----
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With