[gnutls-help] certtool re-encrypt key [convert from unencrypted to encrypted]

Nikos Mavrogiannopoulos nmav at gnutls.org
Thu Jun 22 08:27:14 CEST 2017


On Wed, Jun 21, 2017 at 8:44 PM,  <listserv.traffic at sloop.net> wrote:
> The archives at gmane are down/gone, so can't search the list archives.
> Google search returns zilch. [My google-foo might be weak...]
>
> Trying to encrypt a key after initial generation. The key was created without encryption.
>
> I can't manage to get certtool to do this.
> For example: certtool --load-privkey=ca-key.pem --outfile=ca-key-pass.pem --pkcs-cipher=aes256
> Does not work.
> I've tried quite a myriad of other things/variation too, to no avail.
> I could probably do this in openssl, but why not do it all in certtool...

Hi, use:
certtool --to-p8 --load-privkey ca-key.pem --outfile=ca-key-pass.pem
--pkcs-cipher=aes-256


regards,
Nikos



More information about the Gnutls-help mailing list