Menu
It seems that both of the following commands (openssl from LibreSSL) produce private keys. Is there a difference between them? If not, why there are two ways to generate the private keys? Thanks.
openssl genrsa -out key.pem 1024
openssl genpkey -algorithm rsa -out privkey.pem -pkeyopt rsa_keygen_bits:1024
917
Both ways create RSA keys, albeit in different formats. genrsa outputs a RSA key in PKCS#1 format while genpkey outputs a more generic container which can manage different kinds of keys (like ECC). See Differences between “BEGIN RSA PRIVATE KEY” and “BEGIN PRIVATE KEY" for more on this.
Note that the documentation for genpkey explicitly states that this tool should be used in instead of the algorithm specific genrsa:
The use of the genpkey program is encouraged over the algorithm specific utilities because additional algorithm options and ENGINE provided algorithms can be used.
108
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
