[gnutls-help] certtool does not encrypt private keyfiles

w94f8726ui w94f8726ui at googlemail.com
Thu Oct 31 15:32:38 CET 2013


i generate a key with the following line:

/usr/local/bin/certtool -p -8 --pkcs-cipher=aes-256 
--disable-quick-random --sec-param=ultra --password=XXXXX --outfile 

Now i have a wonderful keyfile with a minor problem.
The keyfile holds, pricate key, x and y in UNENCRYPTED values.
After that the encrypted keypart starts.

So, is this a bug or do i have to manually remove the unencrypted parts?
Cause i think a lot of folks generate encrypted keyfiles and think that 
all the important info would be encrypted.

Using GnuTLS 3.2.6.

best regards,

More information about the Gnutls-help mailing list