posts:x.509-certificates: Use --outfile with --generate-privkey

[blog.git] / posts / X.509_certificates.mdwn

diff --git a/posts/X.509_certificates.mdwn b/posts/X.509_certificates.mdwn
index 7266baa75e6952944297d92cba9b77c694f79b19..ffb652dfc1df4dff55f92e939db293f0b6ede3ee 100644 (file)
--- a/posts/X.509_certificates.mdwn
+++ b/posts/X.509_certificates.mdwn
@@ -10,7 +10,7 @@ GnuTLS
 Following the [GnuTLS manual][gnutls-manual], create a certificate
 authority with [certtool][], adjusting the `cn` as you see fit:
 
-    $ certtool --generate-privkey > x509-ca-key.pem
+    $ certtool --generate-privkey --outfile x509-ca-key.pem
     $ echo 'cn = GnuTLS test CA' > ca.tmpl
     $ echo 'ca' >> ca.tmpl
     $ echo 'cert_signing_key' >> ca.tmpl
@@ -19,7 +19,7 @@ authority with [certtool][], adjusting the `cn` as you see fit:
 
 Now generate the *unencrypted* server key.
 
-    $ certtool --generate-privkey > x509-server-key.pem
+    $ certtool --generate-privkey --outfile x509-server-key.pem
 
 And sign the key with your CA, adjusting the `cn` as you see fit, and
 changing `dns_name` to match your fully qualified host name.