A system administrator is tasked with generating a new 2048-bit RSA private key and a corresponding Certificate Signing Request (CSR) for a new web server. The private key must be named server.key, not be encrypted with a passphrase, and the CSR must be named server.csr. Which of the following single openssl commands will accomplish this and prompt the user for the distinguished name fields?
The correct command is openssl req -newkey rsa:2048 -nodes -keyout server.key -out server.csr.
openssl req is the command to create and process certificate requests (CSRs).
-newkey rsa:2048 generates a new 2048-bit RSA private key.
-nodes stands for "no DES" and ensures the private key is not encrypted with a passphrase.
-keyout server.key specifies the output file for the new private key.
-out server.csr specifies the output file for the CSR.
The command openssl x509... is incorrect because the x509 subcommand is used for viewing and managing existing X.509 certificates, not for generating a new key and CSR from scratch. The openssl genpkey... command is incorrect as genpkey is used for key generation, but it cannot create a CSR in the same operation; the -csr flag used here is not valid for this command. The openssl req -new -key server.key... command is incorrect because it is used to create a CSR from an existing private key (-key server.key), while the scenario requires generating a new key simultaneously.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the purpose of a Certificate Signing Request (CSR)?
Open an interactive chat with Bash
Why is the `-nodes` option used when generating a key with OpenSSL?
Open an interactive chat with Bash
How does the RSA algorithm work in relation to private and public keys?
Open an interactive chat with Bash
CompTIA Linux+ XK0-006 (V8)
Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access