Common OpenSSL Commands with Keys and Certificates
Generate RSA private key with certificate in a single command
Generate Certificate Signing Request (CSR) from private key with passphrase
Mar 03, 2020 You can generate a 2048-bit RSA key pair with the following commands: openssl genpkey -algorithm RSA -out rsaprivate.pem -pkeyopt rsakeygenbits:2048 openssl rsa -in rsaprivate.pem -pubout -out rsapublic.pem These commands create the following public/private key pair: rsaprivate.pem: The private key that must be securely stored on the. Use OpenSSL 'Pass Phrase arguments'. If you want to supply a password for the output-file, you will need the (awkwardly named) -passout parameter. This is a multi-dimensional parameter and allow you to read the actual password from a number of sources. Such as file or from an environment variable. Set OPENSSLCONF=C:optopensslshareopenssl.cnf Generate a private RSA key. You can generate your private key with or without a passphrase to protect it. You only need to choose one of these options. This will generate a 2048-bit RSA private key. # Generate 2048 bit RSA private key (no passphrase) openssl genrsa -out privkey.pem 2048.