Create CSR using existing private key

This is the second example from the documentation of OpenSSL req:

Create a private key and then generate a certificate request from it:

openssl genrsa -out key.pem 2048
openssl req -new -key key.pem -out req.pem

Note that, if you do this directly with req (see 3rd example), if you don’t use the -nodes option, your private key will also be encrypted:

openssl req -newkey rsa:2048 -keyout key.pem -out req.pem

(Despite what the documentation says, it’s not exactly the same as the second example, since it doesn’t use -des3, but you would have done so anyway.)

Leave a Comment