add documentation about PKCS-8 encrypted RSA keys (#5454)

This change adds documentation about PKCS-8 vs PKCS-1 pitfalls. It 
also provides a command to convert encrypted PKCS-8 RSA keys to 
encrypted PKCS-1 RSA keys.

Fixes #5453
master
Andreas Auernhammer 7 years ago committed by Nitish Tiwari
parent 5cdcc73bd5
commit 09a9002f12
  1. 7
      docs/tls/README.md

@ -58,6 +58,13 @@ export MINIO_CERT_PASSWD=PASSWORD
```
Please use your own password instead of PASSWORD.
**Notice:**
The OpenSSL default format for encrypted private keys is PKCS-8. Minio only supports PKCS-1 encrypted private keys.
An encrypted private PKCS-8 formated RSA key can be converted to an encrypted private PKCS-1 formated RSA key by:
```sh
openssl rsa -in private-pkcs8-key.key -aes256 -passout pass:PASSWORD -out private.key
```
**Generate the self-signed certificate**:
```sh

Loading…
Cancel
Save