OpenSSL: --keyout option: create .key or .key.pem files? [duplicate]

Asked 8 years, 11 months ago

Modified 8 years, 11 months ago

Viewed 9k times

0

The tutorial I'm following to create and sign certificates bounces between creating .key and .key.pem files with the -keyout option.

For example: master-ca.key.pem and openvpn-ica.key and again vpn-server.key.pem.

Does it matter and is there a standard?

edited Dec 4, 2016 at 22:02

asked Dec 4, 2016 at 21:49

11 silver badge2 bronze badges

Add a comment |

1 Answer 1

Sorted by:

0

This question has already been answered before. See this post for a great explanation: What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

answered Dec 4, 2016 at 22:09

5132 silver badges11 bronze badges

Thank you, I saw that. A .pem is a just container and it says it doesn't really matter. But as far as readability and best practices go, which way is it more typically created?

SmokeyTehBear
– SmokeyTehBear

2016-12-04 22:18:40 +00:00
Commented Dec 4, 2016 at 22:18
As stated in this post, *.key is typically used for the private key, *.pem for the certificate (chain).

randomnickname
– randomnickname

2016-12-04 22:20:19 +00:00
Commented Dec 4, 2016 at 22:20

Add a comment |

Start asking to get answers

Find the answer to your question by asking.

Explore related questions

See similar questions with these tags.