OpenSSL RSA private key default format changes to PKCS#8
krowbar opened this issue · comments
Robert Kruus commented
Newer versions of openssl genrsa/openssl genpkey write out the RSA private keys keys in the PKCS#8 format which do not load when starting h2o:
[/usr/local/etc/h2o/h2o.conf:28] in command listen, failed to load private key file:/usr/local/etc/h2o/cert/flash.gos.ca.key:010001
Can be worked around using the following flag with openssl rsa/openssl genrsa to convert/make PKCS1 format keys.
-traditional Write the key using the traditional PKCS#1 format instead of the PKCS#8 format