Hi Ralf,
the output of the command you gave is indeed confusing, but if you use
$ openssl req -config openssl.cnf -nodes -new -keyout testkey.pem
-keyform PEM -out testreq.pem
to generate the key+request the correct value *is* picked up from the
openssl.cnf file.
I don't yet understand why the 'req' command does pick up the setting
from the openssl.cnf file yet it generates the private key using the
default key size.
HTH,
JJK
______________________________________________________________________
OpenSSL Project
http://www.openssl.org
Development Mailing List
opens...@openssl.org
Automated List Manager
majo...@openssl.org