Server Technologies and Tools

Release 11.6.2 of OpenEdge includes the following:

Updates to the pkiutil command line utility — The following options are added to the utility:

-pkcs5

Use -pkcs5 to generate a PKCS#5 encrypted private key, as shown:

pkiutil -newreq -keysize 2048 alias-name

pkiutil -keysize 2048 -pkcs5 -newreq alias-name

-pkcs5 is the default encrypted private key, and the default size of they key is 2048 bits.

The following is an example of the generated key:

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,E83B4019057F55E9
iIPs59nQn4RSd7ppch9/vNE7PfRSHLoQFmaAjaF0DxjV9oucznUjJq2gphAB2E2H ...
(snip) ...
y5IT1MZPgN3LNkVSsLPWKo08uFZQdfu0JTKcn7NPyRc=
-----END RSA PRIVATE KEY-----

-pkcs8

Use -pkcs8 to generate a PKCS#8 encrypted private key, as shown:

pkiutil -keysize 2048 -pkcs8 -newreq alias-name

The following is an example of the generated key:

-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBpjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIU9Y9p2EfWucCAggA
... (snip) ...
IjsZNp6zmlqf/RXnETsJjGd0TXRWaEdu+XOOyVyPskX2177X9DUJoD31
-----END ENCRYPTED PRIVATE KEY-----

-keypass password

Use -keypass to set the private key password while creating the private key, as shown:

pkiutil -keysize 2048 -keypass password -pkcs8 -newreq alias-name

pkiutil -keysize 2048 -keypass password -newreq alias-name

pkiutil -keysize 2048 -keypass password -pkcs5 -newreq alias-name

SSL_SOCKET_READ parameter no longer needed — Users no longer need to set the SSL_SOCKET_READ parameter while establishing an HTTP client connection using SSL.