27

Issue command:

openssl genrsa -out rsaprivatekey-nake.pem  -des3 1024

If not providing a passphrase(just press enter when requested), it keeps saying:

Enter pass phrase for rsaprivatekey-nake.pem:
3073726088:error:28069065:lib(40):UI_set_result:result too small:ui_lib.c:869:You must type in 4 to 8191 characters

Can anybody tell me why?

Env: openSUSE 11.4, openssl 1.0.0c

enter image description here

Jimm Chen
  • 5,702
  • 6
  • 31
  • 40

1 Answers1

38

Because you are asking it to encrypt the private key by giving the -des3 option.

If you don't want your key to be protected by a password, remove the -des3 option from the command line.

manos
  • 416
  • 5
  • 8
  • 8
    note that `-des3` can be the implicit default option `-des3 encrypt private keys with triple DES (default)`... so keep calm if you have the same prompt without asking openssl explicitly... same option to disable of course `-nodes` (read `no DES`) – Julien Mar 29 '16 at 09:39
  • 1
    my version of openssl genrsa doesn't have a -nodes option. Just leave off the -des3 or any other encryption option in that case. From [link]https://www.openssl.org/docs/man1.0.2/apps/genrsa.html: `If none of these options is specified no encryption is used` – Brad Dre Apr 22 '16 at 17:17
  • 2
    in my case I need to add `-nodes` – nelaaro Jan 25 '19 at 12:03