Running OpenSSL
OpenSSL is a command-line program, meaning that you enter text commands in a command window and
status and error messages are displayed as the command executes. To run OpenSSL:
• Windows – If you accept the default installation options, the installer will create a directory for the
program on your C:\ drive. For example:
C:\OpenSSL-Win32
To run the program, go to the C:\OpenSSL-Win32\bin directory and double-click the îš´le openssl.exe.
This opens a text window with an OpenSSL> prompt. Enter the commands described below at this
prompt. The îš´les you generate are placed in this same directory.
• Linux – Depends on your installation.
Generating a private key
A private key îš´le is a text îš´le that can be opened with any text editor. The îš´le must have a *.pem
extension. It will look something like this (only much longer):
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,F6F1F37584D8189C97F23F9DCD431B42
qwabUGR9ag09wq1nDtsB3hSuXtJdOBhEn3Wok6qrIWqE8VL8Ss5N7U4MNIWA4G9A ...
-----END RSA PRIVATE KEY-----
The genrsa command is used to generate an RSA private key îš´le.
The most basic form of the genrsa command speciîš´es the name of the output îš´le containing the key and
speciîš´es AES256 encryption (required).
• Windows
Openssl> genrsa -out key-filename.pem -aes256
• Linux
$ openssl genrsa -out key-filename.pem -aes256
The –pass option adds password protection to the certicate. If specied, tape library users will be
required to enter this password to log in to the GUI.
• Windows
Openssl> genrsa -out key-filename.pem -aes256 -passout pass:Passw0rd1
• Linux
$ openssl genrsa -out key-filename.pem -aes256 -passout pass:Passw0rd1
If you do not specify a size for the private key, the genrsa command uses the default value of 512 bits. To
specify a different key size, enter the value as shown in the following example (2048). The key size must
be the last option in the command.
• Windows
Openssl> genrsa -out key-filename.pem -aes256 -passout pass:Passw0rd1 2048
• Linux
$ openssl genrsa -out key-filename.pem -aes256 -passout pass:Passw0rd1 2048
IBM Conîš´dential
186IBM TS4300 Tape Library Machine Type 3555: User's Guide
To Next Page
Need help?
General
