Skip to content

openssl-gendsa

NAME

openssl-gendsa - generate a DSA private key from a set of parameters

SYNOPSIS

openssl gendsa [-help] [-out filename] [-passout arg] [-aes128] [-aes192] [-aes256] [-aria128] [-aria192] [-aria256] [-camellia128] [-camellia192] [-camellia256] [-des] [-des3] [-idea] [-verbose] [-quiet] [-rand files] [-writerand file] [-engine id] [-provider name] [-provider-path path] [-propquery propq] [paramfile]

DESCRIPTION

This command generates a DSA private key from a DSA parameter file (which will be typically generated by the openssl-dsaparam(1) command).

OPTIONS

  • -help

    Print out a usage message.

  • -out filename

    Output the key to the specified file. If this argument is not specified then standard output is used.

  • -passout arg

    The passphrase used for the output file. See openssl-passphrase-options(1).

  • -aes128, -aes192, -aes256, -aria128, -aria192, -aria256, -camellia128, -camellia192, -camellia256, -des, -des3, -idea

    These options encrypt the private key with specified cipher before outputting it. A pass phrase is prompted for. If none of these options is specified no encryption is used.

    Note that all options must be given before the paramfile argument.

  • -verbose

    Print extra details about the operations being performed.

  • -quiet

    Print fewer details about the operations being performed, which may be handy during batch scripts and pipelines.

  • -rand files, -writerand file

    See "Random State Options" in openssl(1) for details.

  • -engine id

    See "Engine Options" in openssl(1). This option is deprecated.

  • paramfile

    The DSA parameter file to use. The parameters in this file determine the size of the private key. DSA parameters can be generated and examined using the openssl-dsaparam(1) command.

  • -provider name

  • -provider-path path
  • -propquery propq

    See "Provider Options" in openssl(1), provider(7), and property(7).

NOTES

DSA key generation is little more than random number generation so it is much quicker that RSA key generation for example.

SEE ALSO

openssl(1), openssl-genpkey(1), openssl-dsaparam(1), openssl-dsa(1), openssl-genrsa(1), openssl-rsa(1)

HISTORY

The -engine option was deprecated in OpenSSL 3.0.

Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at https://www.openssl.org/source/license.html.